all InfoSec news
This Week in Malware—Ongoing dependency confusion
Sept. 9, 2022, 3:06 p.m. | Ax Sharma
Sonatype Blog blog.sonatype.com
This week in malware, Sonatype's automated malware detection systems have flagged over four dozen packages on both the npm and PyPI registries. Most of these packages are dependency confusion candidates published as proof-of-concept (PoC) exercises by security enthusiasts and bug bounty hunters.
dependency dependency confusion devzone malware malware prevention npm pypi this week in malware vulnerabilities
More from blog.sonatype.com / Sonatype Blog
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Engineer, Incident Response
@ Databricks | Remote - Netherlands
Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)
@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
Data Security Architect
@ Accenture Federal Services | Washington, DC
Identity Security Administrator
@ SailPoint | Pune, India