The PowerShell Gallery’s Achilles’ heel: Typosquatting and More Supply Chain Attacks
Microsoft’s PowerShell Gallery Exposes Software Supply Chain Risk Researchers at Aqua Nautilus have identified a potential security risk in Microsoft’s PowerShell Gallery, citing weak protections against attackers uploading malicious packages to the online repository. The team tested the repository’s policies and discovered that threat actors could easily abuse them to spoof legitimate packages and make…