We use cookies to further personalise and enhance the user experience, conduct analytical research (for example, counting visits and traffic sources), place advertisements and contact third parties. Users can manage their cookie settings by clicking the "Choose your preferences" link.

Cookie policy

Product & Tech Blog

search
expand_more
expand_more

How we protected ourselves from the Dependency Confusion attack

Apple, Microsoft, Tesla and many others paid $130,000 to a single hacker for a supply chain attack called Dependency Confusion. Here is how we have mitigated this attack vector for our packages hosted in our internal Artifactory instance. Written by: Alexander Kjäll, Security Engineer at Schibsted Stian Kristoffersen, Security Engineer