DoD reportedly relies on utility written by Russian
A widely used Node.js utility fast-glob appears maintained solely by a Yandex employee based in Russia, creating significant supply-chain security risk.
Report: Russia-based Yandex employee oversees open-source software approved for DOD use
A Russia-based Yandex employee is sole maintainer of fast-glob, a widely used open-source package embedded in Department of Defense software, posing supply-chain risk.
