all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

This Week in Malware - 135 Packages Target npm and PyPI Registries

Add to bookmarks
Sept. 30, 2022, 8:15 p.m. | alinskens@sonatype.com (Aaron Linskens)

Sonatype Blog blog.sonatype.com




This week in malware, we discovered and analyzed 135 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.

devzone malware malware prevention npm pypi target this week in malware vulnerabilities

Visit resource

More from blog.sonatype.com / Sonatype Blog

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 6 hours ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 4 days, 6 hours ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 1 week, 4 days ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 2 weeks, 1 day ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 2 weeks, 1 day ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 2 weeks, 4 days ago | blog.sonatype.com
apache cyclonedx devzone experience +14
Cyber readiness and SBOMs 3 weeks ago | blog.sonatype.com
academic academic research advanced bills +22
Open source ML/AI models: attackers' next target 3 weeks, 4 days ago | blog.sonatype.com
ai models apps art attackers +14
How to integrate SBOMs into the software development life cycle 3 weeks, 6 days ago | blog.sonatype.com
availability bill can code +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Senior Cybersecurity Technical Delivery Manager

@ MUFG | London Ropemaker place
View on infosec-jobs.com

Junior consultant-Technology Risk

@ EY | Bratislava, SK, 811 02
View on infosec-jobs.com

Director of Security Engineering, Information Security

@ Illumio | Sunnyvale, California
View on infosec-jobs.com

Cyber Analyst II 03396 NWG

@ North Wind Group | KNOXVILLE, TN
View on infosec-jobs.com

CRIT Information Security Officer (f/m/d)

@ Deutsche Börse | Frankfurt am Main, DE
View on infosec-jobs.com
View more jobs