Source |
Bleeping Computer |
Identifiant |
4785526 |
Date de publication |
2022-05-24 07:42:58 (vue: 2022-05-24 14:07:24) |
Titre |
Popular Python and PHP libraries hijacked to steal AWS keys (Recyclage) |
Texte |
PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. Additionally, versions of a 'phpass' fork published to the PHP/Composer package repository Packagist had been altered to steal secrets. [...] |
Envoyé |
Oui |
Condensat |
000 additionally altered attack aws been chain compromised ctx developer downloaded environment fork gets has hijacked keys libraries malicious over package packagist had php php/composer phpass popular published pypi module python repository secrets software steal stealing supply times variables versions week |
Tags |
|
Stories |
|
Notes |
|
Move |
|
Source |
Bleeping Computer |
Identifiant |
4784234 |
Date de publication |
2022-05-24 07:42:58 (vue: 2022-05-24 12:07:00) |
Titre |
Popular PyPI and PHP libraries hijacked to steal AWS keys |
Texte |
PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. Additionally, versions of a 'phpass' fork published to the PHP/Composer package repository Packagist had been altered to steal secrets. [...] |
Envoyé |
Oui |
Condensat |
000 additionally altered attack aws been chain compromised ctx developer downloaded environment fork gets has hijacked keys libraries malicious over package packagist had php php/composer phpass popular published pypi pypi module repository secrets software steal stealing supply times variables versions week |
Tags |
|
Stories |
|
Notes |
|
Move |
|