{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiaonjzuyesk6pn5zgvedkwyhiox45togj7xi7ps3lbkihvjlav5va",
    "uri": "at://did:plc:dxjzgxe7cvirxkwfjr2tjspt/app.bsky.feed.post/3mjb4taulesh2"
  },
  "path": "/t/cleaning-up-the-jme-github-org/49453#post_7",
  "publishedAt": "2026-04-11T00:38:30.000Z",
  "site": "https://hub.jmonkeyengine.org",
  "textContent": "RogerCanMakeYouDance:\n\n> What kind of attacks? I’m a bit out of the loop on this sorry\n\nGoogle will probably give more detail but short version is:\nBad actors target smaller open source packages that are shared by lots of other software by becoming contributors and then eventually becoming project leadership… or finding other ways to insert malicious code. Then a bunch of other software sucks in those changes.\n\nBut if the project security is bad then they get to bypass a bunch of steps and just hack one contributor’s account.",
  "title": "Cleaning up the JME github org"
}