A scanning tool for open-sourced software packages? Yes, please!

9 May 2022

The Open Source Security Foundation (OpenSSF), a collective of industry leaders aimed at improving the security of open-source software (OSS), recently announced the release of a prototype tool that scans for malicious packages in open source repositories. This tool, conveniently called Package Analysis, analyzed and identified at least 200 malicious packages uploaded to PyPI (The Python Package Index) and npm after a month of analysis.

Read full article on Malwarebytes Unpacked

Date:

9 May 2022

Categorie(s):

NEWS

Tag(s):

Google, IT, Open Source, Open Source Security Foundation, Open Source Software

4M+ WordPress Websites to Attacks, Following Plugin Vulnerability15 November 2024
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables15 November 2024
CISA Warns of Actors Exploiting Two Palo Alto Networks Vulnerabilities15 November 2024
Microsoft Power Pages misconfigurations exposing sensitive data15 November 2024
Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin15 November 2024