Malicious Pypi_863x300

Malicious PyPI Package Hijacks MEXC Orders, Steals Crypto Tokens

The JFrog Security Research team regularly monitors open source software repositories using advanced automated tools, in order to detect malicious packages. In cases of potential supply chain security threats, our research team reports any malicious packages that were discovered to the repositoryโ€™s maintainers in order to have them removed. This blog provides an analysis of โ€ฆ

dome over boxes to show security over software packages

N-Day Hijack: Analyzing the lifespan of package hijacking attacks

Software package hijacking has become a prominent concern for individuals, businesses, and the cybersecurity community at large. Weโ€™ve seen this new threat trend rise over the past couple of years, with the potential to severely impact the software supply chain by attackers exploiting software packages to execute malicious code. This blog post details a case โ€ฆ