all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Open source package with millions of downloads vulnerable to account takeover

Add to bookmarks
Feb. 17, 2023, 7:53 p.m. | Menghan Xiao

SC Magazine feed for Risk Management www.scmagazine.com

The package can be taken over by acquiring an expired domain name, software supply chain security company illustria said in a report. They urged maintainers to check their accounts and remove any unused email addresses to mitigate the threat. 

account accounts account takeover acquiring addresses check devops domain domain name downloads email expired expired domain identity and access maintainers name open source package remove report security software software supply chain software supply chain security supply supply chain supply chain security taken takeover threat vulnerable

Visit resource

More from www.scmagazine.com / SC Magazine feed for Risk Management

Microsoft finds Kubernetes clusters targeted by OpenMetadata exploits 6 hours ago | www.scmagazine.com
campaign cloud security clusters cryptominer +10
From Hackers to Streakers - How Counterintelligence Teams are Protecting the NFL - Joe McMann … 8 hours ago | www.scmagazine.com
counterintelligence hackers incident response managed services +4
Several botnets set sights on vulnerable TP-Link routers 13 hours ago | www.scmagazine.com
bleepingcomputer botnets command command injection +19
Hacker Heroes - Winn Schwartau - PSW #825 1 day, 6 hours ago | www.scmagazine.com
cloud security hacker heroes identity +2
Cyberattack disclosed by East Coast fisheries org following 8Base ransomware claims 1 day, 14 hours ago | www.scmagazine.com
8base 8base ransomware claims cyberattack +14
Credential exposure possible with cloud CLI tool vulnerability 1 day, 14 hours ago | www.scmagazine.com
amazon amazon web services azure cli +29
VPN, SSH services targeted by widespread brute-force attack campaign 1 day, 14 hours ago | www.scmagazine.com
attack bleepingcomputer brute brute-force +25
From Idea to Success: How to Operationalize a Startup from Zero to Exit - Seth … 3 days, 9 hours ago | www.scmagazine.com
exit idea leadership security-strategy-plan-budget +1
Key cybersecurity concerns among CISOs examined 3 days, 13 hours ago | www.scmagazine.com
attack attack techniques chief cisos +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Consultant- Governance, Risk, and Compliance team

@ EY | Tel Aviv, IL, 6706703
View on infosec-jobs.com

Professional Services Consultant

@ Zscaler | Escazú, Costa Rica
View on infosec-jobs.com

IT Security Analyst

@ Briggs & Stratton | Wauwatosa, WI, US, 53222
View on infosec-jobs.com

Cloud DevSecOps Engineer - Team Lead

@ Motorola Solutions | Krakow, Poland
View on infosec-jobs.com
View more jobs