Is there any sort of validation mechanism mitigating MITM supply chain attacks in the case an attacker breaches a repo server like NPM or PyPI?
July 8, 2022, 1:25 p.m. | /u/Jonathan-Todd
cybersecurity www.reddit.com
I'm thinking of a more drastic scenario where an attacker breaches the server delivering the packages. I'm not at a desktop to cite the domains NPM packages are loaded from, or PyPI, etc., but you know the ones.
Don't packages actually get delivered from centralized servers delivering content for those package managers? If I recall correctly, when I was trying to load Pip packages in …