-
The Ruby version of this library makes reference to installing with `gem install flexpolyline` and is set up as a gem with that name.
However, the published version of this package at https://ruby…
-
Hi, I accidentally installed the `validates_url` gem (an empty "placeholder") because the repo name doesn't match the gem name.
It looks like the `validates_url` gem is available to use: https://rub…
-
**Describe the problem**
[This CNCF organization on ArtifactHub](https://artifacthub.io/packages/helm/cncf/gitlab) is probably a case of brandjacking. There are packages with the name of big open-s…
-
Hands-On Review: Memcyco’s Threat Intelligence Solution
Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious act…
-
Suppose there is a legitimate npm package `@foo/bar`; attackers can deploy a malicious package `bar` to trick users. This could also work in other ecosystems that have scopes or namespaces.
-
## Is your feature request related to a problem?
Yes. At the moment, account names in RubyGems are case-sensitive. This means that those two links direct to different profiles:
- https://rubyge…
-
Hey,
My name is Maciej Mensfeld and I run a research security project called https://diffend.io.
I've noticed that you have a mismatch between the repo name on GitHub (https://github.com/appopt…
-
Hey,
My name is Maciej Mensfeld and I run a research security project called diffend.io.
I've noticed that you have a mismatch between the repo name on GitHub (https://github.com/elebow/ccharde…
-
Hey,
My name is Maciej Mensfeld and I run a research security project called [diffend.io](https://diffend.io).
I've noticed that you have a mismatch between the repo name on GitHub (ruby-argon…