Mastodon - 2024-09-14T07:16:37Z

Dynamic dependency resolution, sprawl biasing for TTM, and lack of CI/CD POLA are among the more frightening industry developments over the past decade. CI/CD systems often have the most access and are the least frequently hardened.

“This attack technique involves hijacking PyPI software packages by manipulating the option to re-register them once they’re removed from PyPI’s index by the original owner; a technique we’ve dubbed “Revival Hijack”.”

jfrog.com/blog/revival-hijack-
