New Open-source Dependency Confusion Vulnerability Threatens Software Supply Chain

Inside AppSec - A podcast by Contrast Security

A newly discovered dependency confusion vulnerability has been found in 35 enterprises, and counting, and threatens the software supply chain. Bad actors could inject malicious code without any victim action by redirecting open-source updates to compromised open-source code repos. In this Inside AppSec Podcast, Contrast Security's Director of Security Research discusses why dependency confusion poses a serious threat and how enterprises can detect and remediate the vulnerability before bad actors exploit it.