Monday, August 21, 2023

Microsoft PowerShell Gallery getting fake malicious packages

This a warning worth repeating. Microsoft’s PowerShell Gallery (https://www.powershellgallery.com/) is being overrun with fake packages. 

Source: https://www.bleepingcomputer.com/news/security/microsoft-powershell-gallery-vulnerable-to-spoofing-supply-chain-attacks/
Spot the fake package









Lax policies for package naming on Microsoft’s PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks.

PowerShell Gallery is a Microsoft-run online repository of packages uploaded by the wider PowerShell community, hosting a large number of scripts and cmdlet modules for various purposes.

Source: Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks (bleepingcomputer.com)

No comments:

Post a Comment