On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks.

The post The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian’s Public Monitoring Data appeared first on Security Boulevard.

Guillaume Valadon

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/12/the-ultralytics-supply-chain-attack-connecting-the-dots-with-gitguardians-public-monitoring-data/