[rwth-security] Revival Hijack supply-chain attack threatens 22,000 PyPI packages

4 Sep 2024


      Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"Revival Hijack supply-chain attack threatens 22,000 PyPI packages"
--> "... To mitigate the threat, users and organizations can use package
         pinning to stay on specified, known to be trustworthy versions, verify
         package integrity, audit its contents, and look out for changes in
         package ownership or atypical update activity. ..."
VG
Bernd
[0]
https://www.bleepingcomputer.com/news/security/revival-hijack-supply-chain-a...
-- 

Bernd Kohler

IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler@itc.rwth-aachen.de
https://www.itc.rwth-aachen.de

Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen

2024

2023

2022

2021

2020

2019

2018

[rwth-security] Revival Hijack supply-chain attack threatens 22,000 PyPI packages