Postmortem Index

Explore incident reports from various companies

Bintray

In July 2017 several malicious Maven packages were included in JCenter with an impersonation attack. Those packages lived in JCenter for over a year and supposedly affected several Android apps that resulted in having malware code injected by those dependencies from JCenter.

Source | Edit Metadata | JSON file