Header News about Google's open source student programs and software releases all content wrapper start Operation Rosehub Wednesday, March 1, 2017 Twelve months ago, a team of 50 Google employees used GitHub to patch the “Apache Commons Collections Deserialization Vulnerability” (or the “ Mad Gadget vulnerability ” as we call it) in thousands of open source projects. We recently learned why our efforts were so important. The San Francisco Municipal Transportation Agency had their software systems encrypted and shut down by an avaricious hacker. The hacker used that very same vulnerability, according to reports of the incident . He demanded a Bitcoin ransom from the government. He threatened to leak the private data he stole from San Francisco’s citizens if his ransom wasn’t paid. This was an attack on our most critical public infrastructure; in...