Thursday, August 25, 2022

PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks

The Python Package Index, PyPI, on Wednesday sounded the alarm about an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to legitimate packages. "This is the first known phishing attack against PyPI," the maintainers of the official third-party software repository said in a series of tweets. The social engineering attack entails sending
http://dlvr.it/SXDDLH
-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framewo...