This week in malware we discovered and analyzed 450 packages flagged as malicious, suspicious, or dependency confusion attacks.
Also, this week a phishing email campaign targeted PyPI maintainers in attempts to compromise accounts and inject malware into the registry’s packages.
Additionally, Sonatype’s director of information security explored the connection between security and procurement.
The post This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers appeared first on Security Boulevard.
Source: Read More