all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Supply Chain Attacks Overflow: PyPI Suspended New Registrations

Add to bookmarks
May 22, 2023, 5:50 p.m. | Neta Spektor

Legit Security Blog www.legitsecurity.com




On May 20th, in an unprecedented move, PyPI (the official Python Package manager) announced they are temporarily suspending new users and new projects registration. This dramatic announcement follows a long line of incidents in which malicious packages were uploaded to PyPI, as well as other package managers. Following this topic closely for over a year, we in Legit observe a huge increase in the number of attackers trying to exploit this attack surface.


As the PyPI team stated: “The …

announcement appsec attacks explainers incidents malicious malicious packages manager managers may official overflow package package manager package managers packages projects pypi python python package registration registrations supply supply chain supply chain attacks threats unprecedented

Visit resource

More from www.legitsecurity.com / Legit Security Blog

Dependency Confusion Vulnerability Found in an Archived Apache Project 2 days, 19 hours ago | www.legitsecurity.com
apache appsec best practices dependency +10
The Role of ASPM in Enhancing Software Supply Chain Security 6 days, 14 hours ago | www.legitsecurity.com
appsec aspm best practices critical +14
How to Reduce the Risk of Using External AI Models in Your SDLC 1 week, 5 days ago | www.legitsecurity.com
address ai models appsec best practices +5
Securing the Software Supply Chain: Risk Management Tips 3 weeks, 2 days ago | www.legitsecurity.com
appsec best practices can explainers +15
What You Need to Know About the XZ Utils Backdoor 3 weeks, 4 days ago | www.legitsecurity.com
announcement appsec backdoor legit +3
How to Get the Most From Your Secrets Scanning 4 weeks, 2 days ago | www.legitsecurity.com
amp appsec best practices code +17
Microsoft Under Attack by Russian Cyberattackers 1 month, 1 week ago | www.legitsecurity.com
appsec attack attackers best practices +11
Don't Miss These Emerging Trends in Cloud Application Security 1 month, 1 week ago | www.legitsecurity.com
application application security appsec best practices +9
Using AI to Reduce False Positives in Secrets Scanners 1 month, 1 week ago | www.legitsecurity.com
appsec best practices false positives legit +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Systems Security Officer (ISSO) (Remote within HR Virginia area)

@ OneZero Solutions | Portsmouth, VA, USA
View on infosec-jobs.com

Security Analyst

@ UNDP | Tripoli (LBY), Libya
View on infosec-jobs.com

Senior Incident Response Consultant

@ Google | United Kingdom
View on infosec-jobs.com

Product Manager II, Threat Intelligence, Google Cloud

@ Google | Austin, TX, USA; Reston, VA, USA
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com
View more jobs