This Week in Malware — Cryptominers Flood npm, PyPI, and More Dependency Confusion
Aug. 19, 2022, 1:41 p.m. | hernano@sonatype.com (Hernán Ortiz)
Sonatype Blog blog.sonatype.com
This Week in Malware, we are disclosing upwards of 240 PyPI and npm packages, the majority of which are typosquats dropping malicious cryptominers, along with some dependency confusion PoCs.