----------------------------------------------------------------------------------
@MSGID: 2:467/888.188 67000db9
Researchers have identified a dependency confusion vulnerability
impacting an archived Apache project called Cordova App Harness.
Dependency confusion attacks take place owing to the fact that package
managers check the public repositories before private registries, thus
allowing a threat actor to publish a malicious package with the same
name to a public package repository.
https://thehackernews.com/2024/04/apache-cordova-app-harness-targeted-in.html
2024-04-23 19:30:00+05:30
________________________________
--- UA.HACKER - твiй помiчник у сферi кiбербезпеки | читай ще +SECURITY +UA.IT
* Origin: Читай нас за допомогою
http://winpoint.org (2:467/888.188)
SEEN-BY: 463/68 877 1331 467/4 888 5001/100
5005/49 5015/255 5019/40 5020/848
SEEN-BY: 5020/1042 4441 12000 5030/49 1081 5060/900
5061/133 5075/128
@PATH: 467/888 5020/1042 4441