Fabio Massacci

Latest

• Secure Software Development in the Era of Fluid Multi-party Open Software and Services
• LastPyMile: Identifying the Discrepancy between Sources and Packages
• Towards Using Source Code Repositories to Identify Software Supply Chain Attacks
• Vuln4Real: A methodology for counting actually vulnerable dependencies
• Typosquatting and combosquatting attacks on the python ecosystem
• Vulnerable Open Source Dependencies: Counting Those That Matter
• TESTREX: a Testbed for Repeatable Exploits