A new study says 97% of open source vulnerabilities linked to software supply chain risks are not attackable — but is “attackability” the best method for prioritizing bugs?

from Dark Reading https://ift.tt/x3ERYyh
via IFTTT