Attackers Aim at Software Supply Chain with Package Typosquatting

Developers who make a simple typing mistake could find their systems compromised by malware in the latest attack on the software supply chain, say researchers at ReversingLabs, a software analysis platform provider. The researchers analyzed the package repository for the Ruby language, looking for code packages, known as Ruby Gems, that had been submitted to the repository with names similar to existing baseline packages.

Read full article on Dark Reading


