Tag: package repository

Researchers at JFrog have recently discovered a PyPI supply chain attack technique being exploited in the wild, dubbed “Revival Hijack”. This technique can be used to hijack Python packages hosted on PyPI by manipulating the option to re-register(revive) their names once the owner takes them down. A package repository is a centralized…