When a threat actor compromises the code of a software product the problems can be widespread – the SolarWinds attack, where the infected software was then distributed to customers through legitimate update channels, is the classic example. (Ironically, the SolarWinds customers who avoided the attack were those with a poor cyber security stance when it came to updating their systems – they were the ones that did not update!)
I have written before about the issues with open source and “written for you” software – if you use either of these types of software then catch up on this article:
GitHub is a popular service used by many thousands of developers, large and small, to manage software development, code and code changes, and it is a prime target for threat actors. A phishing attack has been discovered in which the hackers attempt to steal GitHub credentials and, at the same time, compromise the 2FA on the site:
Hackers stealing GitHub accounts using fake CircleCI notifications (bleepingcomputer.com)
The phishing attack uses the social engineering ploy of threatening the user with the loss of an essential service unless they log in and agree to a change in the vendor’s privacy policy – in this case the threat actors are impersonating CircleCI.
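The ploy described above has a recognisable shape: a message that claims to come from a known vendor, pressures the recipient with loss of service, and steers them to a sign-in page that does not sit on the vendor's own domain. As an added example (not code from the original post), the following Python checker scores two constructed notifications for exactly those indicators. The sample messages, the sender domains and the `BRAND_DOMAINS` table are assumptions made up for the example; a real mail filter would take the vendor's genuine sending and link domains from its published SPF/DMARC and documentation.

```python
import re
from urllib.parse import urlparse

# Constructed sample notifications (not real messages); each dict holds the
# fields a mail filter would have after parsing the message.
SAMPLES = {
    "phish": {
        "from": "CircleCI <notifications@circle-ci-notify.example>",
        "subject": "Action required: accept the updated Privacy Policy or lose access",
        "body": (
            "Your CircleCI integration will be suspended within 24 hours unless you "
            "sign in with GitHub and accept our new Privacy Policy. "
            "Continue here: https://circle-ci.example/login?continue=github"
        ),
    },
    "legit": {
        "from": "CircleCI <no-reply@circleci.com>",
        "subject": "Build #1234 passed",
        "body": "Your workflow finished. Details: https://app.circleci.com/pipelines/github/org/repo/1234",
    },
}

# Domains the impersonated brand genuinely sends from and links to.
# Assumption for the example; source this from the vendor in a real deployment.
BRAND_DOMAINS = {"circleci": ("circleci.com",)}

URGENCY = re.compile(
    r"\b(within \d+ hours?|suspended|lose access|action required|immediately)\b", re.I)
CREDENTIAL_ASK = re.compile(
    r"\b(sign in|log ?in|password|2fa|two.factor|one.time (code|password)|verification code)\b", re.I)
URL = re.compile(r"https?://[^\s<>\"']+")


def host_under(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def claimed_brand(msg):
    """Which known brand does the display name or subject claim to be?"""
    text = (msg["from"] + " " + msg["subject"]).lower().replace("-", "")
    for brand in BRAND_DOMAINS:
        if brand in text:
            return brand
    return None


def phishing_indicators(msg):
    """Return a list of human-readable indicators; an empty list means clean."""
    indicators = []
    brand = claimed_brand(msg)
    if brand:
        legit = BRAND_DOMAINS[brand]
        m = re.search(r"@([\w.-]+)", msg["from"])
        sender_domain = m.group(1).lower() if m else ""
        if not any(host_under(sender_domain, d) for d in legit):
            indicators.append(f"sender domain {sender_domain!r} is not a {brand} domain")
        for url in URL.findall(msg["body"]):
            host = (urlparse(url).hostname or "").lower()
            if not any(host_under(host, d) for d in legit):
                indicators.append(f"link to {host!r} does not belong to {brand}")
    text = msg["subject"] + " " + msg["body"]
    if URGENCY.search(text):
        indicators.append("urgency / loss-of-service pressure")
    if CREDENTIAL_ASK.search(text):
        indicators.append("asks the recipient to sign in or supply a code")
    return indicators


def is_suspicious(msg):
    """Brand impersonation (domain mismatch) is the decisive signal here."""
    return any("not a" in i or "does not belong" in i for i in phishing_indicators(msg))


if __name__ == "__main__":
    for label, msg in SAMPLES.items():
        print(label, "->", phishing_indicators(msg))
```

The domain mismatch is the indicator worth alerting on; the urgency and sign-in phrases on their own also appear in genuine notices, so they are reported as supporting evidence rather than a verdict.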
Then there is Python…
Here is a flaw that has found its way into many hundreds of thousands of software projects, because it has been around for 15 years!
15-year-old Python flaw found in ‘over 350,000’ projects • The Register
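The Register story linked above concerns Python's `tarfile` module extracting archive members whose names climb out of the destination directory; the post itself does not name the module, so treat that as an assumption of this added example (which is not code from the original post or from the Python project). The archive below is constructed in memory, with one harmless member and one whose name contains `..`; `safe_extract` vets every member before writing it and reports what it refused.

```python
import io
import os
import tarfile
import tempfile


def build_archive():
    """Construct an in-memory tar (constructed sample data) holding one harmless
    member and one whose name climbs out of the extraction directory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, payload in (("project/README", b"hello\n"),
                              ("../outside.txt", b"escaped\n")):
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    buf.seek(0)
    return buf


def symlink_member(name, target):
    """Build a symlink TarInfo in memory (used only to exercise check_member)."""
    info = tarfile.TarInfo(name)
    info.type = tarfile.SYMTYPE
    info.linkname = target
    return info


def is_within(base, target):
    """True if target, after resolving '..' and symlinks, stays under base."""
    base = os.path.realpath(base)
    target = os.path.realpath(target)
    return os.path.commonpath([base, target]) == base


def check_member(member, dest):
    """Return None if the member may be extracted under dest, else a reason."""
    if os.path.isabs(member.name) or ".." in member.name.split("/"):
        return "path escapes destination"
    if not is_within(dest, os.path.join(dest, member.name)):
        return "resolved path escapes destination"
    if member.issym():
        # symlink targets are relative to the link's own directory
        link_target = os.path.join(dest, os.path.dirname(member.name), member.linkname)
    elif member.islnk():
        # hard link targets are relative to the archive root
        link_target = os.path.join(dest, member.linkname)
    else:
        link_target = None
    if link_target is not None and (
            os.path.isabs(member.linkname) or not is_within(dest, link_target)):
        return "link target escapes destination"
    if member.isdev() or member.isfifo():
        return "device/fifo members not allowed"
    return None


def safe_extract(fileobj, dest):
    """Extract only vetted members; return (extracted names, rejected (name, reason))."""
    extracted, rejected = [], []
    with tarfile.open(fileobj=fileobj, mode="r") as tar:
        for member in tar.getmembers():
            reason = check_member(member, dest)
            if reason:
                rejected.append((member.name, reason))
                continue
            tar.extract(member, path=dest)
            extracted.append(member.name)
    return extracted, rejected


def demo():
    """Extract the constructed archive into a temp dir and report the outcome."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "dest")
        os.makedirs(dest)
        extracted, rejected = safe_extract(build_archive(), dest)
        with open(os.path.join(dest, "project", "README")) as f:
            readme = f.read()
        # where an unchecked extractall() would have written the rejected member
        naive_target = os.path.join(dest, "../outside.txt")
        return {
            "extracted": extracted,
            "rejected": rejected,
            "readme": readme,
            "naive_escapes": not is_within(dest, naive_target),
        }


if __name__ == "__main__":
    print(demo())
```

Python 3.12 (and the security backports to 3.8 through 3.11) added the `filter="data"` argument to `extract`/`extractall`, which performs equivalent checks; the explicit vetting above shows what that filter rejects and works on interpreters without it.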
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
SolarWinds hack explained: Everything you need to know (techtarget.com)