How a project that was closed 5 years ago almost led to a disaster for the supply chain.
Recently, security researchers identified a new Dependency Confusion vulnerability affecting an archived Apache project called Cordova App Harness.
Thanks to the vulnerability, attackers can force the...