GitHub blighted by “researcher” who created thousands of malicious projects

4 August 2022

Just over a year ago, we wrote about a “cybersecurity researcher” who posted almost 4000 pointlessly poisoned Python packages to the popular repository PyPI. This person went by the curious nickname of Remind Supply Chain Risks, and the packages had project names that were generally similar to well-known projects, presumably in the hope that some of them would get installed by mistake, thanks to users using slightly incorrect search terms or making minor typing mistakes when typing in PyPI URLs.

Read full article on Naked Security

Date:

4 August 2022

Categorie(s):

NEWS

Tag(s):

IT, News

NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication26 April 2024
Enhancing Cybersecurity Defenses: The role of Voice Cloning in Penetration Testing26 April 2024
Ensuring the Security and Efficiency of Web Applications and Systems26 April 2024
Integrated Residential Security Solutions to Employ in 202426 April 2024
Five ways security leaders can demonstrate the business value of cybersecurity26 April 2024