{"id":53636,"date":"2023-09-12T16:00:12","date_gmt":"2023-09-12T16:00:12","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35003\/Thousands-Of-Code-Packages-Vulnerable-To-Repojacking-Attacks.html"},"modified":"2023-09-12T16:00:12","modified_gmt":"2023-09-12T16:00:12","slug":"thousands-of-code-packages-vulnerable-to-repojacking-attacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/","title":{"rendered":"Thousands Of Code Packages Vulnerable To Repojacking Attacks"},"content":{"rendered":"<p><strong>Despite GitHub\u2019s efforts to prevent repository hijacking, cybersecurity researchers continue finding new attack methods, and thousands of code packages and millions of users could be at risk.<\/strong>\n<\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/github-account-renaming-could-have-led-supply-chain-attacks\/\" target=\"_blank\" rel=\"noreferrer noopener\">Repojacking<\/a> is a repository hijacking method that involves renamed GitHub usernames. If a user renames their account, their old username can be registered by someone else, including malicious actors, and potentially abused for supply chain attacks.\n<\/p>\n<p>Threat actors may be able to register an old username and create repositories that were previously associated with the old username, which could allow them to route traffic intended for the legitimate repository to their malicious repository.&nbsp;\n<\/p>\n<p>In order to prevent such attacks, GitHub has been implementing a retired namespace protection mechanism and it has been warning users about the potential risks associated with changing usernames.&nbsp;\n<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" fetchpriority=\"high\" width=\"682\" height=\"466\" src=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/09\/GitHub-retired-namespace.png\" alt class=\"wp-image-34934\" srcset=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/09\/GitHub-retired-namespace.png 682w, https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/09\/GitHub-retired-namespace-360x246.png 360w\" sizes=\"(max-width: 682px) 100vw, 682px\"><\/figure>\n<\/div>\n<p>The namespace is the combination between the username and a specific repository name \u2014 for example, <em>github.com\/<\/em><strong><em>username\/repo_name<\/em><\/strong>. If a user changes the username, the old username\u2019s new owner cannot create a repository named \u2018repo_name\u2019 if the repository was previously cloned 100 times. This means that GitHub has retired the namespace.&nbsp;\n<\/p>\n<p>The problem is that researchers continue finding ways to <a href=\"https:\/\/blog.aquasec.com\/github-dataset-research-reveals-millions-potentially-vulnerable-to-repojacking\" target=\"_blank\" rel=\"noreferrer noopener\">bypass GitHub\u2019s namespace retirement mechanism<\/a> and conduct repojacking.&nbsp;\n<\/p>\n<p>The most recently disclosed attack method was discovered by researchers at cybersecurity firm Checkmarx in March and it was recently fixed by GitHub.&nbsp;\n<\/p>\n<p>This <a href=\"https:\/\/checkmarx.com\/blog\/persistent-threat-new-exploit-puts-thousands-of-github-repositories-and-millions-of-users-at-risk\/\" target=\"_blank\" rel=\"noreferrer noopener\">new method<\/a> leveraged a race condition, with an API request being used to almost simultaneously create a new repository and change the account\u2019s username.&nbsp;<\/p>\n<div class=\"zox-post-ad-wrap\"><span class=\"zox-ad-label\">Advertisement. Scroll to continue reading.<\/span><\/div>\n<p>If the attacker renames their account to the targeted username and later attempts to create a repository that would result in the creation of a retired namespace, their attempt would be blocked.\n<\/p>\n<p>However \u2014 before GitHub rolled out a fix \u2014 if the account renaming and the repository creation were done at the same time, the attempt would be successful, enabling the attacker to obtain a namespace that would allow them to redirect traffic to their malicious repository.&nbsp;\n<\/p>\n<p>Checkmarx\u2019s analysis showed that roughly 4,000 code packages in Go, PHP, Swift, as well as GitHub Actions were impacted, including hundreds of packages with more than 1,000 stars.&nbsp;\n<\/p>\n<p>\u201cPoisoning a popular GitHub action could lead to major Supply Chain attacks with significant repercussions,\u201d Checkmarx warned.&nbsp;<br \/>The problem is that these packages will continue to be vulnerable to repojacking if a new bypass method is discovered in the future.&nbsp;\n<\/p>\n<p>\u201cThe discovery of this novel vulnerability in GitHub\u2019s repository creation and username renaming operations underlines the persistent risks associated with the \u2018Popular repository namespace retirement\u2019 mechanism,\u201d Checkmarx said in a blog post.\n<\/p>\n<p>It added, \u201cMany GitHub users, including users that control popular repositories and packages, choose to use the \u2018User rename\u2019 feature GitHub offers. For that reason, the attempt to bypass the \u2018Popular repository namespace retirement\u2019 remains an attractive attack point for supply chain attackers with the potential to cause substantial damages.\u201d\n<\/p>\n<p>The security firm has released an open source tool named <a href=\"https:\/\/github.com\/Checkmarx\/chainjacking\" target=\"_blank\" rel=\"noreferrer noopener\">ChainJacking<\/a> that can be used to identify vulnerable packages.&nbsp;\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/developers-warned-of-malicious-pypi-npm-ruby-packages-targeting-macs\/\">Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs<\/a>\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/chatgpt-hallucinations-can-be-exploited-to-distribute-malicious-code-packages\/\">ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages<\/a>\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/malicious-nuget-packages-used-to-target-net-developers\/\">Malicious NuGet Packages Used to Target .NET Developers<\/a>\n<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35003\/Thousands-Of-Code-Packages-Vulnerable-To-Repojacking-Attacks.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":53637,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[145],"class_list":["post-53636","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackerdata-lossflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Thousands Of Code Packages Vulnerable To Repojacking Attacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Thousands Of Code Packages Vulnerable To Repojacking Attacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-12T16:00:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/09\/GitHub-retired-namespace.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Thousands Of Code Packages Vulnerable To Repojacking Attacks\",\"datePublished\":\"2023-09-12T16:00:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/\"},\"wordCount\":554,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png\",\"keywords\":[\"headline,hacker,data loss,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/\",\"name\":\"Thousands Of Code Packages Vulnerable To Repojacking Attacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png\",\"datePublished\":\"2023-09-12T16:00:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png\",\"width\":682,\"height\":466},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,data loss,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerdata-lossflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Thousands Of Code Packages Vulnerable To Repojacking Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Thousands Of Code Packages Vulnerable To Repojacking Attacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Thousands Of Code Packages Vulnerable To Repojacking Attacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-09-12T16:00:12+00:00","og_image":[{"url":"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/09\/GitHub-retired-namespace.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Thousands Of Code Packages Vulnerable To Repojacking Attacks","datePublished":"2023-09-12T16:00:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/"},"wordCount":554,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png","keywords":["headline,hacker,data loss,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/","url":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/","name":"Thousands Of Code Packages Vulnerable To Repojacking Attacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png","datePublished":"2023-09-12T16:00:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/thousands-of-code-packages-vulnerable-to-repojacking-attacks.png","width":682,"height":466},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/thousands-of-code-packages-vulnerable-to-repojacking-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,data loss,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerdata-lossflaw\/"},{"@type":"ListItem","position":3,"name":"Thousands Of Code Packages Vulnerable To Repojacking Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53636","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53636"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53636\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/53637"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53636"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53636"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53636"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}