Poisoned Python and PHP packages purloin passwords for AWS access

24 May 2022

A keen-eyed researcher at SANS recently wrote about a new and rather specific sort of supply chain attack against open-source software modules in Python and PHP. Following on-line discussions about a suspicious public Python module, Yee Ching Tok noted that a package called in the popular PyPi repository had suddenly received an “update”, despite not otherwise being touched since late 2014.

Read full article on Naked Security

Date:

24 May 2022

Categorie(s):

NEWS

Tag(s):

Amazon, AWS, Cloud Computing, Cloud Provider, Frameworks

Phishing Scams in the Gaming Community20 April 2024
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks20 April 2024
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack20 April 2024
How APIs Help To Improve Your Customers’ Experience [5 Tips]20 April 2024
Essential Cyber Security Plan for Small Business20 April 2024