PyPi

  • Blog

    New Revival Hijack technique leaves 22,000 PyPI projects vulnerable to attacks

    Up to 22,000 PyPI packages may be at risk of being hijacked through a newly developed supply chain attack technique, research reveals. Security researchers at DevOps specialist JFrog published a blog post warning developers about a new attack technique that leverages the ability to re-register popular packages once the original owner removes them from PyPI’s index. Dubbed ‘Revival Hijack’, the technique builds…
