all InfoSec news
This Week in Malware— Cryptominers Flood npm, PyPI, and More Dependency Confusion
Aug. 19, 2022, 1:41 p.m. | hernano@sonatype.com (Hernán Ortiz)
Sonatype Blog blog.sonatype.com
This Week in Malware we are disclosing upwards of 240 PyPI and npm packages, the majority of which are typosquats dropping malicious cryptominers, along with some dependency confusion PoCs.
cryptominers dependency dependency confusion devzone flood malware malware prevention npm pypi this week in malware vulnerabilities
More from blog.sonatype.com / Sonatype Blog
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Intermediate Security Engineer, (Incident Response, Trust & Safety)
@ GitLab | Remote, US
Journeyman Cybersecurity Triage Analyst
@ Peraton | Linthicum, MD, United States
Project Manager II - Compliance
@ Critical Path Institute | Tucson, AZ, USA
Junior System Engineer (m/w/d) Cyber Security 1
@ Deutsche Telekom | Leipzig, Deutschland