Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …
typosquatting
Defeating typosquatters: Staying ahead of phishing and digital fraud
It has become a mantra for businesses targeted by hackers to describe the incident as a “sophisticated cyber-attack”. Although true in some instances, the reality is that most …
760+ malicious packages found typosquatting on RubyGems
Researchers have discovered over 760 malicious Ruby packages (aka “gems”) typosquatting on RubyGems, the Ruby community’s gem repository / hosting service. The …
Lookalike domains: Artificial intelligence may come to the rescue
In the world of network security, hackers often use lookalike domains to trick users to unintended and unwanted web sites, to deliver malicious software into or to send data …
How programmers can be tricked into running bad code
Are programming language package managers vulnerable to typosquatting attacks? And can these attacks result in software developers running potentially malicious code? The …