Software Supply Chain Security Weaknesses
PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found
Richi Jennings | | code reuse, open source software supply chain security, PyPI, PyPI malicious packages, pypi vuln, pypi vulnerability, python, Python Malware, Python Packages, Python vulnerability, SB Blogwatch, secure software supply chain, software supply chain, software supply chain attack, software supply chain attacks, software supply chain hygiene, Software supply chain management, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, Software Supply Chain Security Weaknesses, typosquat, Typosquatting, typosquatting attacks
Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup ...
Security Boulevard
GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL
Richi Jennings | | Apiiro, App Sec & Supply Chain Security, AppSec & Supply Chain Security, dependency confusion, dependency confusion attacks, GitHub, github application security, github bug, GitHub Exploit, GitHub repositories, GitHub Security Measures, github security scanning, GitHub Security Vulnerabilities, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, repo confusion, SB Blogwatch, secure software supply chain, software supply chain, software supply chain attack, software supply chain attacks, software supply chain automation, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Weaknesses, supply chain, supply chain security, Supply-Chain Insecurity
Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times ...
Security Boulevard
Where is Your Risk? Software Supply Chain Security Weaknesses
rezilion | | Application Security, Attack Surface, SBOM, Software Attack Surface Management, software bill of materials, software supply chain risk, Software Supply Chain Security Weaknesses, Uncategorized, Vulnerability Management
In the first two posts of this series on software-related risks we have looked at vulnerabilities introduced in the development phase and vulnerabilities present in open source software. The third major risk ...