Our security research and data science teams detected a resurgence of a malicious repo confusion campaign that began mid-last year, this time on a much larger scale. The campaign has touched more than 100,000 GitHub repositories (and presumably millions more), and it succeeds when unsuspecting developers use repositories that resemble known and trusted ones but are, in fact, infected with malicious code.
  • How do repo confusion attacks happen?
  • What happens when the malicious repos are in use?
  • The automation effects on GitHub
  • When did the campaign start?
  • The transition of malware from package managers to SCMs
  • How to protect yourself against repo confusions
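A repo confusion attack works because a cloned, infected copy carries the same name as the project a developer expects, or a name one glyph away from it. One defensive check a team can run against its dependency manifests is a lookalike comparison of `owner/name` pairs against an allowlist of repositories it has actually vetted. The script below is an added example written for this page, not Apiiro's code or tooling; the `TRUSTED` allowlist, the `CANDIDATES` list and the homoglyph table are constructed for illustration, and the edit-distance threshold is an assumption to tune for your own allowlist size.

```python
"""Flag lookalike GitHub repository names against an allowlist of vetted repos.

Added example for this page (not Apiiro's code). TRUSTED, CANDIDATES and the
homoglyph table are constructed sample data; max_distance is an assumed tuning
value.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Digits that attackers commonly swap for visually similar letters (assumed set).
_HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def normalize(segment: str) -> str:
    """Lowercase, fold homoglyph digits and drop separators so that
    'Python_Requests', 'python-requests' and 'pyth0n.requests' compare equal."""
    folded = segment.lower().translate(_HOMOGLYPHS)
    return "".join(ch for ch in folded if ch not in "-_.")


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert/delete/substitute); inputs are short, so the
    O(len(a) * len(b)) row-by-row table is fine."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


@dataclass
class Verdict:
    repo: str
    status: str             # "trusted", "lookalike" or "unknown"
    closest: Optional[str]  # the trusted repo it matches or resembles, if any
    reason: str


def _split(full_name: str) -> Tuple[str, str]:
    owner, _, name = full_name.partition("/")
    if not owner or not name:
        raise ValueError(f"expected owner/name, got {full_name!r}")
    return owner, name


def check_repo(full_name: str, trusted: List[str], max_distance: int = 1) -> Verdict:
    """An exact allowlist hit is trusted. Anything else whose normalised name
    equals a trusted project's name (same owner or not), or whose owner+name is
    within max_distance edits of a trusted pair, is a lookalike candidate."""
    owner, name = _split(full_name)
    if full_name in trusted:
        return Verdict(full_name, "trusted", full_name, "exact allowlist match")

    n_owner, n_name = normalize(owner), normalize(name)
    best: Optional[Tuple[int, str]] = None
    for t in trusted:
        t_owner, t_name = _split(t)
        if normalize(t_name) == n_name:
            # Same project name: either a homoglyph/separator variant under the
            # real owner, or the classic clone republished under another owner.
            if normalize(t_owner) == n_owner:
                return Verdict(full_name, "lookalike", t, f"normalises to {t}")
            return Verdict(full_name, "lookalike", t,
                           f"same name as {t} under a different owner")
        d = levenshtein(n_owner, normalize(t_owner)) + levenshtein(n_name, normalize(t_name))
        if best is None or d < best[0]:
            best = (d, t)

    if best is not None and best[0] <= max_distance:
        return Verdict(full_name, "lookalike", best[1], f"{best[0]} edit(s) from {best[1]}")
    return Verdict(full_name, "unknown", None, "not in allowlist and not a close lookalike")


def audit(candidates: List[str], trusted: List[str]) -> List[Verdict]:
    return [check_repo(c, trusted) for c in candidates]


# Constructed sample data: a small allowlist and a few names to screen.
TRUSTED = ["psf/requests", "pallets/flask", "python-telegram-bot/python-telegram-bot"]
CANDIDATES = [
    "psf/requests",            # exact match
    "psf-official/requests",   # same name, different owner
    "pallets/f1ask",           # homoglyph in the project name
    "psf/reqests",             # one-character typo
    "someone/random-tool",     # unrelated
]

if __name__ == "__main__":
    for v in audit(CANDIDATES, TRUSTED):
        print(f"{v.repo:28} {v.status:9} {v.reason}")
```

The highest-signal case is the second branch, a project name identical to a vetted one under an unfamiliar owner, since that is what a cloned-and-reuploaded repository looks like; the edit-distance branch is a secondary net for typos and should be kept tight, because a loose threshold on a large allowlist produces false positives. In practice you would feed `audit()` the repository URLs pulled from lockfiles, `go.mod`, `requirements.txt` and CI checkout steps, and then confirm any lookalike against repository metadata (creation date, fork origin, star history) before trusting it.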
Holy shit, the internet is a mess.
It's a shame that most of these attacks are caused by user carelessness. The Apiiro article on how to protect ourselves is really good.
It's shocking! The security of the software supply chain is really an issue. My wallet keys are trembling.
That's comforting... the risks of open source, I guess.
You have to be very careful these days...