Feb 10, 2021

Security researcher finds it’s easy to confuse build systems with malicious versions of private software libraries

Bug hunter Alex Birsan last year managed to compromise the software supply chain of 35 companies by exploiting packaging mechanisms used by JavaScript, Python, and Ruby developers.…

External feed. Read more at the source: https://go.theregister.com/feed/www.theregister.com/2021/02/10/library_dependencies_attack/
