Six Malicious Python Packages in the PyPI Targeting Windows Users
Malicious packages on PyPI copy W4SP attacks to steal users’ credentials and crypto wallet data. This incident illustrates issues in open-source ecosystems.
W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.
W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.
Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Last week, our automated risk detection platform alerted us to suspicious activity in dozens of newly published PyPI packages. Here's what we uncovered.
Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Last week, our automated risk detection platform alerted us to suspicious activity in dozens of newly published PyPI packages. Here's what we uncovered.