It’s 5:05, on Friday, November 4th, 2022. Each day we bring you updates on open source and cybersecurity news that might slip by the major news sources. We have 20 reporters from around the world. Today’s updates are from Olimpiu Pop in Transylvania Romania, Edwin Kwan in Sydney Australia, Trac Bannon in Camp Hill Pennsylvania, Mark Miller in New York City, DJ Schleen in Golden Colorado, and James McCleod in London UK. Let’s get to it!

🇺🇸 Tracy Bannon, Camp Hill, Pennsylvania

Trusted News Media Sites Hit by Supply Chain Malware Attack

https://www.bleepingcomputer.com/news/security/hundreds-of-us-news-sites-push-malware-in-supply-chain-attack/

🇦🇺 Edwin Kwan, Sydney, Australia

Supply Chain Attack Pushes Out Malware to More than 250 Media Websites

https://www.darkreading.com/application-security/supply-chain-attack-pushes-out-malware-to-more-than-250-media-websites

🇬🇧 James McLeod, London, United Kingdom

Two major meet-ups have been announced for the UK open source community

Open Source Edinburgh - https://www.meetup.com/open-source-edinburgh/events/289090920/

London.js - https://www.meetup.com/london-js/events/289254273/

🇷🇴 Olimpiu Pop, Transylvania, Romania

Azul systems joined the effort of securing the software supply chain, taking the fight to the trenches of the software runtimes.

https://www.infoq.com/news/2022/11/azul-vulnerability-detection/

🇺🇸 DJ Schleen, Golden, Colorado

Multi-factor auth fatigue is real – and it's why you may be in the headlines next

https://www.theregister.com/2022/11/03/mfa_fatigue_enterprise_threat/

🇺🇸 Mark Miller, New York City

Watch out… here come the deepfakes!

https://www.wired.com/story/ais-new-creative-streak-sparks-a-silicon-valley-gold-rush/