Blog Home
Malicious Pypi_863x300

Malicious PyPI Package Hijacks MEXC Orders, Steals Crypto Tokens
April 15, 2025

The JFrog Security Research team regularly monitors open source software repositories using advanced automated tools, in order to detect malicious packages. In cases of potential supply chain security threats, our research team reports any malicious packages that were discovered to the repositoryโ€™s maintainers in order to have them removed. This blog provides an analysis of โ€ฆ

Read More
dome over boxes to show security over software packages

N-Day Hijack: Analyzing the lifespan of package hijacking attacks
December 14, 2023

Software package hijacking has become a prominent concern for individuals, businesses, and the cybersecurity community at large. Weโ€™ve seen this new threat trend rise over the past couple of years, with the potential to severely impact the software supply chain by attackers exploiting software packages to execute malicious code. This blog post details a case โ€ฆ

Read More

Popular Tags