cognitive cybersecurity intelligence

News and Analysis

PyPI halted new users and projects while it fended off supply-chain attack

The Python Package Index (PyPI), a key repository for open-source developers, suspended new project creation and user registration following a surge of package uploads containing malicious code. The suspension lasted 10 hours. Security firm Checkmarx reported that the attack likely involved automated uploads of harmful packages using a method called typosquatting, which relies on user typos when entering package names. This isn’t the first instance of such a threat facing the software development ecosystem, with a similar attack targeting GitHub last month.

Source: arstechnica.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

News and Analysis

PyPI halted new users and projects while it fended off supply-chain attack

Subscribe to newsletter

More Posts

Ingram Micro confirms ransomware incident – Reseller News

Redpoint, Cytactic announce AI-based cyber crisis response integration – The Jerusalem Post

News – Scroller Home Page – Kelly Benefits data breach compromised over half a million individuals – teiss

News – Kelly Benefits data breach compromised over half a million individuals – teiss

Products

Solutions

Healthcare cybersecurity

Healthcare Threat Intelligence

Use Cases

News and Analysis

Insights

Company