CyberSecurity news

@www.csoonline.com //

References:
  • CSO Online: Open source package entry points could be used for command jacking: Report
  • checkmarx.com: This new supply chain attack technique can Trojanize all your CLI commands
  • malware.news: This New Supply Chain Attack Technique Can Trojanize All Your CLI Commands
  • www.scworld.com: Command-jacking used to launch malicious code on open-source platforms
  • malware.news: Attackers hijack legitimate commands and run malicious code to launch supply chain attacks.
  • infosec.exchange: Dependence on open-source repositories has sparked a surge in malicious packages infiltrating software products.
  • securityonline.info: Security Online: Cybersecurity News and Research
  • securityonline.info: “Command-Jacking”: New Supply Chain Attack Hijacks CLI Tools
Classification:
  • HashTags: #SupplyChainAttack #OpenSourceSecurity #CommandJacking
  • Target: Developers
  • Product: Open Source Packages
  • Feature: Entry Points
  • Type: Vulnerability
  • Severity: Major