This Week in Malware—July 15th Edition | allinfosecnews.com

July 15, 2022, 9:46 a.m. | Ax Sharma

Sonatype Blog blog.sonatype.com

This Week in Malware we discovered and analyzed multiple PyPI and npm packages that are either dependency confusion candidates, prank packages, contain PoC reverse shell code, or were otherwise flagged as suspicious for containing extensive obfuscation without good reason.

devzone july malware malware prevention npm pypi this week in malware vulnerabilities

More from blog.sonatype.com / Sonatype Blog

The impact of automating open source dependency management 2 days, 5 hours ago | blog.sonatype.com

automation business consuming customer +13

Sonatype Lifecycle best practices: Getting started and managing SBOMs 1 week, 3 days ago | blog.sonatype.com

applications best practices critical dependencies +13

DevOps pioneers navigate organizational transformation 2 weeks, 3 days ago | blog.sonatype.com

depth devops devops transformation download +13

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 2 weeks, 5 days ago | blog.sonatype.com

cases dependency dependency confusion flood +19

The essential duo of SCA and SBOM management 3 weeks, 2 days ago | blog.sonatype.com

application application security attacks duo +16

Automating and maintaining SBOMs 1 month ago | blog.sonatype.com

artifact automation bill components +11

CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 1 month ago | blog.sonatype.com

attack attacks backdoor bank +26

CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 1 month ago | blog.sonatype.com

attack attacks backdoor bank +26

SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 1 month ago | blog.sonatype.com

apache cyclonedx devzone experience +14

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States

View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US

View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States

View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States

View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)

View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens

View on infosec-jobs.com