Microsoft’s Azure SDK site tricked into listing fake package

A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases.
The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite. […] This post appeared first on Bleeping Computer
Author: Ax Sharma