Search cyberveille.decio.ch

Found 15 bookmarks

Custom sorting

Python Crypto Library Updated to Steal Private Keys

Yesterday, Phylum's automated risk detection platform discovered that the PyPI package aiocpa was updated to include malicious code that steals private keys by exfiltrating them through Telegram when users initialize the crypto library. While the attacker published this malicious update to PyPI, they deliberately kept the package's GitHub repository clean

#phylum #EN #2024 #Python #Crypto #Library #PyPI #malicious #code #aiocpa #Supply-chain-attack

·blog.phylum.io·Nov 29, 2024

Python Crypto Library Updated to Steal Private Keys

Iraq-based cybercriminals deploy malicious Python packages to steal data

An information-stealing script embedded in a Python package on the popular repository PyPI appears to be connected to a cybercriminal operation based in Iraq, according to researchers at Checkmarx.

#therecord.media #EN #2024 #PyPI #Python #Infostealer #Supply-chain-attack

·therecord.media·Jul 18, 2024

Iraq-based cybercriminals deploy malicious Python packages to steal data

Russia-linked 'Lumma' crypto stealer now targets Python devs

Sonatype's automated malware detection systems identified a malicious PyPI package called crytic-compilers, connected to Russia-linked Lumma Windows stealer, and named very closely after a well-known legitimate Python library that is used by cryptocurrency developers.

#sonatype #EN #2024 #PyPI #Lumma #Python #cryptocurrency #developers

·sonatype.com·Jun 9, 2024

Russia-linked 'Lumma' crypto stealer now targets Python devs

Cybercriminals pose as "helpful" Stack Overflow users to push malware

Cybercriminals are abusing Stack Overflow in an interesting approach to spreading malware—answering users' questions by promoting a malicious PyPi package that installs Windows information-stealing malware.

#bleepingcomputer #EN #2024 #Information-stealing-malware #Packages #PyPI #Python #Stack-OverFlow #pytoileur

·bleepingcomputer.com·May 30, 2024

Cybercriminals pose as "helpful" Stack Overflow users to push malware

A pernicious potpourri of Python packages in PyPI

The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository, ESET research finds.

#welivesecurity #EN #2023 #Python #packages #malicious #PyPI

·welivesecurity.com·Dec 15, 2023

A pernicious potpourri of Python packages in PyPI

Bad Actors Are Joining the AI Revolution: Here’s What We’ve Found in the Wild

Follow security researchers as they uncover malicious packages on open-source registries, trace bad actors to Discord, and unveil AI-assisted code.

#hackernoon #EN #2023 #python #PyPI #Supply-Chain-Attack #ChatGPT

·hackernoon.com·May 3, 2023

Bad Actors Are Joining the AI Revolution: Here’s What We’ve Found in the Wild

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”

The FortiGuard Labs team discovered an attack embedded in three PyPI packages called ‘colorslib’, ‘httpslib’, and “libhttps”. Read our blog to learn more.

#fortinet #EN #2023 #threat-research #Threat-Research #security-attack #libhttps #httpslib #colorslib #python #PyPI

·fortinet.com·Jan 16, 2023

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”

SentinelSneak: Malicious PyPI module poses as security software development kit

A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.

#reversinglabs #EN #2022 #PyPI #Supply-chain-security #Python #exfiltration #module #kit

·blog.reversinglabs.com·Dec 20, 2022

SentinelSneak: Malicious PyPI module poses as security software development kit

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.

#develop.secure.software #EN #2022 #W4SP #YARA #Python #PyPI

·develop.secure.software·Dec 5, 2022

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Two more malicious Python packages in the PyPI

We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.

#securelist #2022 #EN #PyPI #Credentials-theft #Data-theft #Malware #Open-source #Python #Trojan

·securelist.com·Aug 16, 2022

Two more malicious Python packages in the PyPI

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”

The FortiGuard Labs team discovered an attack embedded in three PyPI packages called ‘colorslib’, ‘httpslib’, and “libhttps”. Read our blog to learn more.

#fortinet #EN #2023 #threat-research #Threat-Research #security-attack #libhttps #httpslib #colorslib #python #PyPI

·fortinet.com·Jan 16, 2023

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”

SentinelSneak: Malicious PyPI module poses as security software development kit

A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.

#reversinglabs #EN #2022 #PyPI #Supply-chain-security #Python #exfiltration #module #kit

·blog.reversinglabs.com·Dec 20, 2022

SentinelSneak: Malicious PyPI module poses as security software development kit

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment. 

#develop.secure.software #EN #2022 #W4SP #YARA #Python #PyPI

·develop.secure.software·Dec 5, 2022

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Two more malicious Python packages in the PyPI

We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.

#securelist #2022 #EN #PyPI #Credentials-theft #Data-theft #Malware #Open-source #Python #Trojan

·securelist.com·Aug 16, 2022

Two more malicious Python packages in the PyPI

We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.

#securelist #2022 #EN #PyPI #Credentials-theft #Data-theft #Malware #Open-source #Python #Trojan

·securelist.com·Aug 16, 2022

Two more malicious Python packages in the PyPI