Widespread PyPI package takeovers likely with new supply chain attack technique
Supply chain, Threat Intelligence

More than 20,000 Python Package Index packages could be hijacked with the novel Revival Hijack supply chain attack technique, which threat actors have already been leveraging since March, indicating an elevated risk of downstream compromise, according to The Hacker News. The attack enables PyPI software takeovers by re-registering packages after their owners remove them from the index, an analysis from JFrog showed. With more than 300 packages removed from the PyPI repository a month, the technique gives threat actors a more effective route to intrusion than typosquatting, JFrog researchers said. Such a threat should prompt continuous monitoring of DevOps pipelines to ensure that removed packages are not reinstalled. "The PyPI package attack surface is continually growing. Despite proactive intervention here, users should always stay vigilant and take the necessary precautions to protect themselves and the PyPI community from this hijack technique," said JFrog Security Research Team Lead Brian Moussalli.
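As an added example (not JFrog's or SC Media's code), a defender-side check for the pipeline monitoring the article recommends: it compares a pipeline's earlier record of each dependency's release history, shaped like the `releases` field of the PyPI JSON API (version to list of files with `upload_time`), against the current metadata and flags names whose recorded versions vanished or were re-uploaded, which is what a removed-then-re-registered project looks like. Package names and timestamps are constructed.

```python
# Constructed snapshots in the shape of the PyPI JSON API "releases" field
# (version -> list of files with "upload_time"); project names are hypothetical.
RECORDED = {
    "legit-helper": {
        "1.0.0": [{"upload_time": "2022-05-01T10:00:00"}],
        "1.1.0": [{"upload_time": "2023-02-14T09:30:00"}],
    },
    "retagged-lib": {
        "3.2.0": [{"upload_time": "2022-11-11T11:11:00"}],
    },
    "steady-lib": {
        "2.0.0": [{"upload_time": "2021-08-20T12:00:00"}],
    },
}
CURRENT = {
    # Same name, but an earlier release is gone: the project was removed
    # and re-registered, so the history recorded before no longer exists.
    "legit-helper": {
        "1.1.0": [{"upload_time": "2024-04-02T16:45:00"}],
    },
    # Same version string, but a different upload: not the original artefact.
    "retagged-lib": {
        "3.2.0": [{"upload_time": "2024-03-19T07:00:00"}],
    },
    # Unchanged project that simply gained a normal new release.
    "steady-lib": {
        "2.0.0": [{"upload_time": "2021-08-20T12:00:00"}],
        "2.1.0": [{"upload_time": "2024-01-05T08:00:00"}],
    },
}


def looks_revived(recorded, current):
    """True if the project on the index can no longer be the one recorded earlier."""
    for version, files in recorded.items():
        cur = current.get(version)
        if cur is None:
            return True  # a previously published version vanished (removed or re-registered)
        if {f["upload_time"] for f in cur} != {f["upload_time"] for f in files}:
            return True  # version re-uploaded at a different time
    return False  # every recorded release is still there, unchanged


def audit(requirements, recorded, current):
    """Return the dependency names that should block the pipeline."""
    return [
        name for name in requirements
        if looks_revived(recorded.get(name, {}), current.get(name, {}))
    ]
```

Hash-pinned requirements installed with `pip install --require-hashes` give the same protection at install time, since a re-uploaded artefact will not match the recorded hash.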