PyPI Flooded with 1,275 Dependency Confusion Packages
Jan. 24, 2022, 2:14 p.m. | Ax Sharma
Security Boulevard securityboulevard.com
Sonatype’s automated malware detection platform Nexus Firewall has flagged multiple dependency confusion packages on the PyPI registry today, all uploaded by the same user.
On January 23rd, PyPI user arturlebedev began flooding the PyPI registry with 1,275 packages, as observed by Sonatype:
The post PyPI Flooded with 1,275 Dependency Confusion Packages appeared first on Security Boulevard.