This Week in Malware—Ongoing dependency confusion

This week in malware, Sonatype's automated malware detection systems have flagged over four dozen packages on both the npm and PyPI registries. Most of these packages are dependency confusion candidates published as proof-of-concept (PoC) exercises by security enthusiasts and bug bounty hunters.
