Researcher adds his fake package to Microsoft Azure SDK releases list

A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases.
The simple trick if abused by an attacker can give off the impression that their malicious package is part of the Azure SDK suite. […] This post appeared first on Bleeping Computer
Author: Ax Sharma