New Revival Hijack technique leaves 22,000 PyPI projects vulnerable to attacks


Up to 22,000 PyPI packages may be at risk of being hijacked through a newly developed supply chain attack technique, research reveals.

Security researchers at DevOps specialist JFrog published a blog post warning developers about a new attack technique that leverages the ability to re-register popular packages once the original owner removes them from PyPI’s index.

