Advertisement
Top
image credit: Needpix

Alert: Million of GitHub Repositories Likely Vulnerable to RepoJacking Attack

June 22, 2023

Via: The Hacker News
Category:

Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking, a new study has revealed.

This includes repositories from organizations such as Google, Lyft, and several others, Massachusetts-based cloud-native security firm Aqua said in a Wednesday report.

The supply chain vulnerability, also known as dependency repository hijacking, is a class of attacks that makes it possible to take over retired organizations or user names and publish trojanized versions of repositories to run malicious code.

Read More on The Hacker News

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
Google Patches Exploited Pixel Vulnerabilities
Mintlify Data Breach Leads to Exposure of Customer GitHub Tokens

Latest Publications

Chinese government website security is often worryingly bad, say Chinese researchers
Indonesia sneakily buys spyware, claims Amnesty International
97% of security leaders have increased SaaS security budgets
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!