all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Alert: Million of GitHub Repositories Likely Vulnerable to RepoJacking Attack

Add to bookmarks
June 22, 2023, 1:13 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking, a new study has revealed.
This includes repositories from organizations such as Google, Lyft, and several others, Massachusetts-based cloud-native security firm Aqua said in a Wednesday report.
The supply chain vulnerability, also known as dependency repository hijacking, is a class of attacks that

alert aqua attack called cloud cloud-native cloud-native security dependency github github repositories google lyft massachusetts organizations repojacking report repositories repository security software study supply supply chain supply chain vulnerability vulnerability vulnerable

Visit resource

More from thehackernews.com / The Hacker News

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 4 hours ago | thehackernews.com
act and telecommunications april bans +23
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 17 hours ago | thehackernews.com
access accounts address android +20
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale 21 hours ago | thehackernews.com
actor china cloud cloud security +22
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM 23 hours ago | thehackernews.com
adoption attackers challenge cyber +21
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks 23 hours ago | thehackernews.com
actor attacks code code execution +22
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover 1 day ago | thehackernews.com
access adversary code code execution +18
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks 1 day, 20 hours ago | thehackernews.com
access access management attacks availability +16
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw 2 days, 22 hours ago | thehackernews.com
attack attack chain cobalt cobalt strike +19
Bogus npm Packages Used to Trick Software Developers into Installing Malware 3 days, 5 hours ago | thehackernews.com
backdoor bogus campaign cybersecurity +25

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs