On Saturday, August 13th, Checkmarx’s Software Supply Chain Security Typosquatting engine detected a large-scale attack on the Python ecosystem with multi-stage persistent malware. The PyPi user account devfather777 published a dozen malicious Typosquatting packages under the names of popular projects
Today, as it was revealed by Stephen Lacy in his tweet, he shared his findings of a large-scale campaign targeting random GitHub repositories with project clones containing credential stealing malware and remote shell execution on top of the original code.
A logical flaw in GitHub allows attackers to take control over thousands of repositories, enabling the poisoning of popular open-source packages. This flaw is yet to be fixed and the steps to exploit it were recently published, making it highly
What Happened? Multiple supply chain attacks from the same attacker were reported today by s0md3v. (1) PHP package hautelook/phpass with over 2.5 million installations was hijacked using the RepoJacking technique. (2) Python package “ctx” with over 700,000 downloads was compromised
Checkmarx Supply Chain Security (SCS) team has uncovered hundreds of malicious packages attempting to use a dependency confusion attack. Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks. As it seems this time, the attacker
Recent NPM package takeover incidents such as “coa” and “ua-parser-js” have affected organizations by the thousands and have emphasized the need for a monitoring system, alerting developers and the open source community of suspicious activities that might hint of an
©2022 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified
