Apache Cordova App Harness Targeted in Dependency Confusion Attack
Researchers discovered a "dependency confusion" vulnerability in an archived Apache project, Cordova App Harness.
More info