all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks

Add to bookmarks
Aug. 17, 2023, 8 p.m. | Bill Toulas

BleepingComputer www.bleepingcomputer.com

Lax policies for package naming on Microsoft's PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks. [...]

attacks code code repository gallery microsoft package packages policies popular powershell repository security spoof spoofing supply supply chain supply chain attacks threat threat actors typosquatting typosquatting attacks vulnerable

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw 35 minutes ago | www.bleepingcomputer.com
code code execution critical cve +10
BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement 58 minutes ago | www.bleepingcomputer.com
advertising agreement betterhelp consumer +13
LockBit ransomware admin identified, sanctioned in US, UK, Australia 3 hours ago | www.bleepingcomputer.com
actor admin agency australia +14
Google Chrome is getting native support for YouTube-like video chapters 20 hours ago | www.bleepingcomputer.com
chrome embedded feature google +8
Microsoft tests using MT/s for memory speed in Windows 11 Task Manager 1 day ago | www.bleepingcomputer.com
hardware manager mega memory +7
City of Wichita shuts down IT network after ransomware attack 1 day, 3 hours ago | www.bleepingcomputer.com
attack city down it network +6
Get ahead in cybersecurity with $145 off a training course bundle 1 day, 6 hours ago | www.bleepingcomputer.com
advanced bundle course credentials +9
Lockbit's seized site comes alive to tease new police announcements 1 day, 6 hours ago | www.bleepingcomputer.com
announcements data data leak data leak site +16
Finland warns of Android malware attacks breaching bank accounts 2 days, 3 hours ago | www.bleepingcomputer.com
accounts agency android android malware +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Product Regulatory Compliance Specialist

@ Avery Dennison | Oegstgeest, Netherlands
View on infosec-jobs.com

Cyber Security Analyst

@ FinClear | Melbourne, Australia
View on infosec-jobs.com

Senior Application Security Manager, United States-(Virtual)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Vice President - Information Security Management - FedRAMP

@ JPMorgan Chase & Co. | Chicago, IL, United States
View on infosec-jobs.com

Vice President, Threat Intelligence & AI

@ Arctic Wolf | Remote - Minnesota
View on infosec-jobs.com

Cybersecurity Analyst

@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States
View on infosec-jobs.com
View more jobs