This Week in Malware—Ongoing Dependency Confusion
Sept. 9, 2022, 3:06 p.m. | Ax Sharma
Sonatype Blog blog.sonatype.com
This week in malware, Sonatype's automated malware detection systems have flagged over four dozen packages on both the npm and PyPI registries. Most of these packages are dependency confusion candidates published as proof-of-concept (PoC) exercises by security enthusiasts and bug bounty hunters.