Skip to Content

Phishing campaign floods package repositories

Updated on 2022-12-15

Some threat actors uploaded 144,294 phishing-related packages on open-source repositories, including NuGet (136,258), npm (212), and PyPI (7,894), posing supply chain risks. Read more: HOW 140K NUGET, NPM, AND PYPI PACKAGES WERE USED TO SPREAD PHISHING LINKS

Overview: Phishing campaign floods package repositories

Checkmarx and Illustria published a joint report on a ginormous phishing campaign that flooded the NuGet, NPM, and PyPi package repositories with more than 144,000 packages. Most of the packages used names related to hacking, cheats, and free resources and contained links in their description that redirected users to phishing sites.

Tags

Tags

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.