all InfoSec news
Open source package with millions of downloads vulnerable to account takeover
SC Magazine feed for Risk Management www.scmagazine.com
The package can be taken over by acquiring an expired domain name, software supply chain security company illustria said in a report. They urged maintainers to check their accounts and remove any unused email addresses to mitigate the threat.
account accounts account takeover acquiring addresses check devops domain domain name downloads email expired expired domain identity and access maintainers name open source package remove report security software software supply chain software supply chain security supply supply chain supply chain security taken takeover threat vulnerable