All posts by

Alexander Kjäll, Stian Kristoffersen and Ståle Pettersen


How we protected ourselves from the Dependency Confusion attack

Apple, Microsoft, Tesla and many others paid $130,000 to a single hacker for a supply chain attack called Dependency Confusion. Here is how we have mitigated this attack vector for our packages hosted in our internal Artifactory instance. Written by: Alexander Kjäll, Security Engineer at Schibsted Stian Kristoffersen, Security Engineer