all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks

Add to bookmarks
Aug. 17, 2023, 8 p.m. | Bill Toulas

BleepingComputer www.bleepingcomputer.com

Lax policies for package naming on Microsoft's PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks. [...]

attacks code code repository gallery microsoft package packages policies popular powershell repository security spoof spoofing supply supply chain supply chain attacks threat threat actors typosquatting typosquatting attacks vulnerable

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising 17 hours ago | www.bleepingcomputer.com
administrators ads download fake +13
Android malware Grandoreiro returns after police disruption 21 hours ago | www.bleepingcomputer.com
accounts android android banking trojan android malware +16
Banking malware Grandoreiro returns after police disruption 21 hours ago | www.bleepingcomputer.com
accounts banking banking malware banking trojan +14
The Week in Ransomware - May 17th 2024 - Mailbombing is back 1 day, 14 hours ago | www.bleepingcomputer.com
attention back breachforums data +10
Microsoft to start enforcing Azure multi-factor authentication in July 1 day, 17 hours ago | www.bleepingcomputer.com
authentication azure factor july +8
SEC: Financial orgs have 30 days to send data breach notifications 1 day, 19 hours ago | www.bleepingcomputer.com
breach breach notifications data data breach +14
US arrests suspects behind $73M ‘pig butchering’ laundering scheme 1 day, 20 hours ago | www.bleepingcomputer.com
arrests charged crime cryptocurrency +11
WebTPA data breach impacts 2.4 million insurance policyholders 1 day, 21 hours ago | www.bleepingcomputer.com
breach data data breach department +8
Five charged for cyber schemes to benefit North Korea's weapons program 2 days, 16 hours ago | www.bleepingcomputer.com
charged cyber department generated +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Technical Support Specialist (Cyber Security)

@ Sigma Software | Warsaw, Poland
View on infosec-jobs.com

OT Security Specialist

@ Adani Group | AHMEDABAD, GUJARAT, India
View on infosec-jobs.com

FS-EGRC-Manager-Cloud Security

@ EY | Bengaluru, KA, IN, 560048
View on infosec-jobs.com