all InfoSec news
Dependency confusion vulnerability impacts archived Apache project
SC Magazine feed for Risk Management www.scmagazine.com
Threat actors could potentially launch a software supply chain attack by exploiting a dependency confusion flaw impacting the archived Apache Cordova App Harness project, which had been discontinued five years ago, reports The Hacker News.
apache app attack dependency dependency confusion exploiting flaw hacker harness launch network security project reports software software supply chain software supply chain attack supply supply chain supply chain attack the hacker news threat threat actors vulnerability vulnerability management