Our security research and data science teams detected a resurgence of a malicious repo confusion campaign that began mid-last year, this time on a much larger scale. The attack impacts more than 100,000 GitHub repositories (and presumably millions) when unsuspecting developers use repositories that resemble known and trusted ones but are, in fact, infected with malicious code.
- How do repo confusion attacks happen?
- What happens when the malicious repos are in use?
- The automation effects on GitHub
- When did the campaign start?
- The transition of malware from package managers to SCMs
- How to protect yourself against repo confusions
related posts
0 replies \ @1GLENCoop 26 Jul
Related: #623011
reply
35 sats \ 1 reply \ @premitive1 29 Feb
holy shit, the internet is a mess
reply
0 sats \ 0 replies \ @0xbitcoiner OP 29 Feb
It's a shame that most of these attacks are caused by user carelessness. The apiiro article on how to protect ourselves is really good.
reply
16 sats \ 0 replies \ @sasasuina 29 Feb
It's shocking! The security of the software supply chain is really an issue. My wallet keys are trembling.
reply
0 sats \ 0 replies \ @MattInTech 29 Feb
That's comforting... the risks of Open Source, I guess.
reply
0 sats \ 0 replies \ @beorange 29 Feb
You have to be very careful these days...
reply