Hacker News
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 402 comments
- Dependency Confusion: RCE via internal package name squatting https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 6 comments
Lobsters
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 17 comments security
- Why screen sharing and keyboard shortcuts dont work in all apps on wayland and what you can do to fix it! https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 6 comments gnome
- How would CPAN fare under a dependency confusion attack, especially using a system like Pinto? https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 4 comments perl
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 29 comments programming
- Is Cargo vulnerable to this supply-chain attack? https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610?sk=991ef9a180558d25c5c6bc5081c99089 28 comments rust
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610?sk=991ef9a180558d25c5c6bc5081c99089 74 comments programming
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610?sk=991ef9a180558d25c5c6bc5081c99089 94 comments netsec
Linking pages
- Why the World Needs a Software Bill Of Materials Now | by Dr. Sybe Izaak Rispens | Medium https://drrispens.medium.com/why-the-world-needs-a-software-bill-of-materials-now-5a565df65dff 136 comments
- Researcher Breaches Systems of Over 35 Companies, Including Apple, Microsoft, and PayPal - MacRumors https://www.macrumors.com/2021/02/10/researcher-breaches-systems-of-over-35-companies/ 34 comments
- Let's talk about supply chain attacks and backdoored dependencies https://kerkour.com/supply-chain-attacks-and-backdoored-dependencies 26 comments
- Composer Security Hardening • PHP.Watch https://php.watch/articles/composer-security-hardening?r= 21 comments
- GitHub - cugu/gocap: List your dependencies capabilities and monitor if updates require more capabilities. https://github.com/cugu/gocap 19 comments
- New type of supply-chain attack hit Apple, Microsoft and 33 other companies | Ars Technica https://arstechnica.com/information-technology/2021/02/supply-chain-attack-that-fooled-apple-and-microsoft-is-attracting-copycats/ 14 comments
- Fixing the Dependency Confusion Vulnerability in 600+ Ruby Apps (2023) https://shopify.engineering/fixing-dependency-confusion-ruby-applications 6 comments
- An exploit let a security researcher into Apple, Microsoft, and PayPal - The Verge https://www.theverge.com/2021/2/10/22276857/security-researcher-repository-exploit-apple-microsoft-vulnerability 6 comments
- RubyGems dependency confusion attack side of things - Closer to Code https://mensfeld.pl/2021/02/rubygems-dependency-confusion-side-of-things 4 comments
- GitHub - chainguard-dev/ssc-reading-list: A reading list for software supply-chain security. https://github.com/chainguard-dev/ssc-reading-list 3 comments
- Model Confusion - Weaponizing ML models for red teams and bounty hunters https://5stars217.github.io/2023-08-08-red-teaming-with-ml-models/ 3 comments
- Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks | Snyk https://snyk.io/blog/snyk-200-malicious-npm-packages-cobalt-strike-dependency-confusion-attacks/ 2 comments
- A First Look at Harden-Runner: The Must-Have GitHub Action To Prevent Supply Chain Attacks | by Wenqi Glantz | Better Programming https://betterprogramming.pub/a-first-look-at-harden-runner-the-must-have-github-action-to-prevent-supply-chain-attacks-d7707bbc106e?sk=db3c14979b5d8245822e6b6450d3e689 2 comments
- Meet Package Hunter: A tool for detecting malicious code in your dependencies | GitLab https://about.gitlab.com/blog/2021/07/23/announcing-package-hunter/ 1 comment
- Dependency Confusion Attack – What, Why, and How? - RedHunt Labs https://redhuntlabs.com/blog/dependency-confusion-attack-what-why-and-how.html 1 comment
- Addressing Dependency Confusion · chatr https://aaronbedra.com/post/dependency_confusion/ 1 comment
- DevOps threat matrix - Microsoft Security Blog https://security-blog-prod-wp01.azurewebsites.net/en-us/security/blog/2023/04/06/devops-threat-matrix/ 1 comment
- Supply chain attack for ink! Smart Contracts https://blog.inkscope.xyz/supply-chain-attack-for-ink-smart-contracts 1 comment
- Defending against side channel attacks via dependencies https://kushaldas.in/posts/defending-against-side-channel-attacks-via-dependencies.html 0 comments
- A cybersecurity view of COVID vaccine vendor chain. | World of Balgan https://www.balgan.world/cyber/cyberinsurance/cybersecurity/2021/02/11/cyberviewcovidchain.html 0 comments