JFrog Detects Malicious PyPi package Stealing Crypto Tokens
Learn how JFrog detected a malicious package that steals MEXC credentials and crypto trading tokens to buy and sell futures on crypto trading platforms.
Uncovering thousands of unique secrets in PyPI packages
Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials.