SentinelSneak: Malicious PyPI module poses as security software development kit
A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.
W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
Here are ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.