New Revival Hijack Technique Leaves 22,000 SMB Projects Vulnerable to Attacks

Research reveals that up to 22,000 PyPI packages could be at risk of being hijacked through a newly developed supply chain attack technique.

Security researchers at DevOps specialist JFrog have published a blog post warning developers about a new attack technique that leverages the ability to re-register popular packages once the original owner removes them from the PyPI index.
