MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
January 22, 2024 at 12:06PM New software supply chain attack method MavenGate targets public and popular libraries used in Java and Android apps. Vulnerabilities allow hijacking of artifacts and injecting malicious code. Oversecured sent reports to tech companies. Attack involves domain name purchases and exploiting abandoned libraries. Sonatype claims automation prevents attacks, but recommends end … Read more