RepoJacking is an Alarming Threat in the Cyber World
In this edition of the newsletter, we will take you through a rising yet threatening cyberattack that can impact millions of people.
Repository hijacking (or RepoJacking) is a supply-chain vulnerability, technically similar to subdomain takeover, that impacts more than 70,000 open-source projects spanning almost everything from cryptocurrencies to web frameworks.
This security flaw is trivial to exploit, causes remote code injection, and affects prime projects from companies like GitHub, Google, NodeJS, Facebook, Kubernetes, Amazon, and many others.
How Does RepoJacking Affect an Organization’s Network?
Attackers target accounts whose usernames have recently changed or that have been deleted. They recreate an account under the previous username, re-register the repositories under it, and thereby control what anyone still fetching updates through the older repository URL receives.
How to Protect Your Organization Against RepoJacking
To prevent RepoJacking, organizations must use 2FA (Two-factor Authentication) as well as suspend or remove expired/idle accounts or domains.
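The two points above (projects that keep pulling from an old repository URL, and the need to catch idle or renamed accounts) suggest a simple audit: find every GitHub reference in a dependency manifest and flag the ones whose owner or repository now resolves only via a rename redirect, or no longer exists at all, since those names are exactly what a hijacker could re-register. The script below is an added example, not code from the newsletter; the manifest text and the `fake_resolve` lookup table are constructed, and in practice `resolve` would be backed by a GitHub API query.

```python
"""Audit dependency manifests for GitHub references whose original
owner/repo name could be re-registered by a hijacker (RepoJacking).
Added example; the sample manifest and resolver below are constructed."""
import re
from typing import Callable, Optional, Tuple

# Matches github.com/<owner>/<repo> in URLs, go.mod lines, submodule configs, etc.
GITHUB_REF = re.compile(
    r"github\.com[/:]([\w.-]+)/([\w.-]+?)(?:\.git)?(?=[\s/\"'@#,]|$)"
)

# Resolver contract (assumed): (owner, repo) -> canonical (owner, repo) after
# following any rename redirect, or None if the repository no longer exists.
Resolver = Callable[[str, str], Optional[Tuple[str, str]]]

def find_github_refs(text: str):
    """Return the unique (owner, repo) pairs referenced in a manifest, in order."""
    seen = []
    for m in GITHUB_REF.finditer(text):
        pair = (m.group(1), m.group(2))
        if pair not in seen:
            seen.append(pair)
    return seen

def audit_refs(text: str, resolve: Resolver):
    """Classify each reference as 'ok', 'redirected' (the owner or repo was
    renamed, so the old name is free to claim) or 'missing' (deleted, same risk)."""
    report = {}
    for owner, repo in find_github_refs(text):
        canonical = resolve(owner, repo)
        if canonical is None:
            status = "missing"
        elif canonical != (owner, repo):
            status = "redirected"
        else:
            status = "ok"
        report[f"{owner}/{repo}"] = status
    return report

# Constructed sample: two go.mod-style requires and one git submodule URL.
SAMPLE_MANIFEST = """
require github.com/example-org/lib v1.2.0
require github.com/old-handle/parser v0.3.1
url = https://github.com/gone-user/tool.git
"""

# Constructed resolver: old-handle was renamed to new-handle; gone-user was deleted.
def fake_resolve(owner: str, repo: str):
    table = {("example-org", "lib"): ("example-org", "lib"),
             ("old-handle", "parser"): ("new-handle", "parser")}
    return table.get((owner, repo))

if __name__ == "__main__":
    for ref, status in audit_refs(SAMPLE_MANIFEST, fake_resolve).items():
        print(f"{status:10s} {ref}")
```

Any reference reported as `redirected` or `missing` should be repointed to its current canonical location (or removed) before the old name can be claimed by someone else.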
For more information, read our most recent blog, “What is RepoJacking and How Organizations are Vulnerable to It?”