February 26, 2021

SpywareNews.com

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

U.S. Water Supply Has Few Protections Against Hacking

Recently, a novel supply-chain attack was published by security researcher
Alex Birsan, detailing how dependency confusion (or "name-squatting") in
package managers can be misused in order to execute malicious code on
production and development systems.

In short, most package managers such as pip and npm do not distinguish
between internal packages (hosted on internal company servers) and external
ones (hosted on public servers). [...]
https://www.vdoo.com/blog/python-wheel-jacking-supply-chain-attacks