Microsoft warns enterprises of new 'dependency confusion' attack technique

Friday, 24 March, 2023

Microsoft warns enterprises of new 'dependency confusion' attack technique

<p>A Microsoft white paper has detailed a new concept called "dependency confusion" that attacks mixed app-building environments inside enterprises. It says that if an attacker learns the names of private libraries, they could register these names on public package repositories and upload public libraries having malicious code. The attack takes place when the package manager prioritises the library hosted on the public repository.</p> <p> </p>

Read full story at Zdnet

Tags:

Categories

Microsoft warns enterprises of new 'dependency confusion' attack technique

Also Read

Leaked Black Basta Chat Logs Reveal Ransomware Gang's Inner Workings

Apple Removes iCloud End-to-End Encryption for UK Users Following Government Demand

Global Security Concerns Lead Nations to Restrict DeepSeek AI App Usage

CISA Election Security Officials Placed on Leave Amid Internal Review

Cisco Hacked: Cyberattack Exposes Sensitive Data Amid Security Breach

XE Hacker Group Exploits VeraCore Zero-Day Vulnerability for Cyber Attacks

Hackers Exploit Google Tag Manager To Inject Malicious Code, Steal Data

LLM Hijackers Target DeepSeek V3 Model, Raising AI Security Concerns

Australia Bans DeepSeek AI on Government Devices Over Security Concerns

Subscribe To Our Newsletter.