Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks.
https://www.bleepingcomputer.com/news/security/revival-hijack-supply-chain-attack-threatens-22-000-pypi-packages/
BleepingComputer /
npub1j7…v7hg2
2024-09-04 13:43:54
Author Public Key
npub1j7dz37jrwqhehe8ydzpk5kcjpnzzv53h7s54lj62nv5w9fcar34suv7hg2Published at
2024-09-04 13:43:54Event JSON
{
"id": "44577b09dd182cc7c050c732a560b9fe67ebadedefa934b4068fb7953e3d7a70",
"pubkey": "979a28fa43702f9be4e468836a5b120cc4265237f4295fcb4a9b28e2a71d1c6b",
"created_at": 1725457434,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/BleepingComputer/statuses/113079578396117483",
"activitypub"
]
],
"content": "Threat actors are utilizing an attack called \"Revival Hijack,\" where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks.\n\nhttps://www.bleepingcomputer.com/news/security/revival-hijack-supply-chain-attack-threatens-22-000-pypi-packages/",
"sig": "d55ba02524d93f7d00c23585ba26322a634c8d37c716cc65f3e1b1935248a39246d878e284f54b1705452b96c11547bc15b2762f35ee06bafcf31ab7278859a8"
}