Solarwinds, Wirespeed & More | Learn how businesses rely on RL for file & Software Security
Customer Stories
The CISO Survival Guide: Operationalizing Third-Party Software Risk Management
Download Now
Your Go-To-Guide: Software Supply Chain Security for Dummies
Get the Guide
July 18, 2019

Malicious libraries in package repositories reveal a fundamental security flaw

The proliferation of malicious packages in repositories for software developers that rely on typosquatting points to a problem: A reliance on flat namespaces

Tech Republic

Read more: https://www.techrepublic.com/article/malicious-libraries-in-package-repositories-reveal-a-fundamental-security-flaw/

If you want to take a deeper look at our research, check our blog: https://blog.reversinglabs.com/blog/suppy-chain-malware-detecting-malware-in-package-manager-repositories

MORE NEWS

TechRadar: New attacks exploit VSCode extensions and npm packages
News | December 20, 2024
TechRadar: New attacks exploit VSCode extensions and npm packages
Developers targeted by malicious Microsoft VSCode extensions
Read More
Forbes: Warning Crypto Investors—This Malicious Code Could Empty Your Wallet
News | December 20, 2024
Forbes: Warning Crypto Investors—This Malicious Code Could Empty Your Wallet
ReversingLabs explained how attackers often use multiple platforms to spread their malware, creating a more extensive attack surface that targets developers across ecosystems.
Read More
Bleeping Computer: Malicious Microsoft VSCode extensions target devs, crypto community
News | December 20, 2024
Bleeping Computer: Malicious Microsoft VSCode extensions target devs, crypto community
In a report by Reversing Labs, researchers say the malicious extensions first appeared in the VSCode marketplace in October.
Read More