Tag
dependency-hijacking
Safeguard articles tagged "dependency-hijacking" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Threat Research
Repojacking Explained: Hijacking Abandoned Repository Names
Repojacking lets an attacker claim a renamed or deleted GitHub namespace and serve malicious code to everyone still referencing the old path. Here is how it works.
Jul 7, 20266 min read
Concepts
What is Repo-Jacking
Repo-jacking hijacks renamed or deleted GitHub namespaces to serve attacker code at trusted URLs. Here's how the redirect trick works and how to audit your exposure.
May 5, 20247 min read
Software Supply Chain Security
Dependency Hijacking Prevention: A Comprehensive Guide
Dependency hijacking encompasses multiple attack techniques that redirect dependency resolution to attacker-controlled packages. This guide covers all major hijacking vectors and their countermeasures.
Nov 5, 20235 min read