Neowin

Microsoft fails to fix major PowerShell Gallery security flaws even after claiming it did

A security threat research team had notified Microsoft about several major security vulnerabilities in its PowerShell Gallery. The flaws remain even after the tech giant claimed they were fixed. The ...
CSOonline

Report: PowerShell Gallery susceptible to typosquatting and other package-management attacks

Aqua Security says PowerShell issue can allow attacks involving registration of malicious packages with names similar to existing popular package names when developers make mistakes. Researchers are ...
Bleeping Computer

Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks

Lax policies for package naming on Microsoft’s PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for ...
Dark Reading

PowerShell Gallery Prone to Typosquatting, Other Supply Chain Attacks

Microsoft's PowerShell Gallery presents a software supply chain risk because of its relatively weak protections against attackers who want to upload malicious packages to the online repository, ...
Infosecurity-magazine.com

Critical Flaws in PowerShell Gallery Enable Malicious Exploits

Aqua Nautilus has uncovered critical vulnerabilities persisting within the PowerShell Gallery, resulting in a fertile ground for malicious actors to exploit and launch attacks. These vulnerabilities, ...