22,000 PyPI Packages Affected by Revival Hijack Supply-Chain Attack

 

Attackers can distribute malicious payloads easily and efficiently through the PyPI package repository by using a simple yet troublesome exploit.

A JFrog security researcher has discovered a new supply chain attack technique that can be used to attack the PyPI (Python Package Index) repository.

This attack technique could potentially affect hundreds of thousands of software packages, and countless users as a result.

The technique, known as “Revival Hijack,” exploits a policy loophole that lets attackers re-register the names of packages that their original developers have removed from PyPI, hijacking those names once the packages are gone.

The new supply chain attack technique against the Python Package Index (PyPI) registry has been uncovered in the wild and is designed to infiltrate downstream organizations. The attack vector, called “Revival Hijack,” involves registering a new project with a name that matches a package that has been removed from PyPI.
If a threat actor manages to do this, then they will be able to distribute malicious code to developers who pull updates periodical

[…]
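
A defender-side check for the re-registration described above, as an added example that is not from the original article or from JFrog: it compares pinned dependencies with index metadata and flags names whose earliest upload is later than the date the dependency was pinned. The package names, dates and the `LOCKED` record format are constructed; `INDEX` assumes the `releases` / `upload_time_iso_8601` shape returned by the PyPI JSON API.

```python
from datetime import datetime

# Constructed sample data: package names, versions and dates are made up.
# LOCKED is a hypothetical record of what a team pinned, and when.
LOCKED = {
    "example-utils": {"version": "1.4.2", "pinned_on": "2023-03-10T00:00:00Z"},
    "example-http": {"version": "2.0.1", "pinned_on": "2023-03-10T00:00:00Z"},
    "example-gone": {"version": "0.9.0", "pinned_on": "2022-11-01T00:00:00Z"},
}
# INDEX mimics the "releases" map of the PyPI JSON API (version -> files).
INDEX = {
    "example-utils": {"releases": {
        "1.4.2": [{"upload_time_iso_8601": "2023-01-05T12:00:00Z"}],
        "1.5.0": [{"upload_time_iso_8601": "2024-02-01T08:30:00Z"}]}},
    "example-http": {"releases": {
        "9.9.9": [{"upload_time_iso_8601": "2024-08-20T03:15:00Z"}]}},
}

def _ts(value):
    # Accept a trailing "Z" on Python versions whose fromisoformat rejects it.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def earliest_upload(meta):
    """Oldest upload time across every file of every release, or None."""
    times = [_ts(f["upload_time_iso_8601"])
             for files in meta["releases"].values() for f in files]
    return min(times) if times else None

def classify(name, lock, index):
    meta = index.get(name)
    if meta is None:
        return "removed"  # the name is free and could be re-registered
    if lock["version"] in meta["releases"]:
        return "ok"  # the pinned release is still published
    first = earliest_upload(meta)
    # The pinned release is gone and everything on the index is newer than
    # the pin: consistent with a removed project whose name was registered again.
    if first is None or first > _ts(lock["pinned_on"]):
        return "revival-suspect"
    return "pinned-version-missing"

def audit(locked, index):
    return {name: classify(name, lock, index) for name, lock in locked.items()}

if __name__ == "__main__":
    for name, verdict in audit(LOCKED, INDEX).items():
        print(f"{name}: {verdict}")
```

A `revival-suspect` or `removed` verdict is a prompt to review the dependency and install only with pinned versions and hashes, not proof of compromise.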

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
