OSV has withdrawn 157 malware reports after automated detections incorrectly flagged npm and PyPI packages as malicious, pushing bad records for trusted projects into OSV-consuming security tools and CI/CD systems.
socket.dev/blog/osv-wit...