Search cyberveille.decio.ch

Found 5 bookmarks

Custom sorting

Python Crypto Library Updated to Steal Private Keys

Yesterday, Phylum's automated risk detection platform discovered that the PyPI package aiocpa was updated to include malicious code that steals private keys by exfiltrating them through Telegram when users initialize the crypto library. While the attacker published this malicious update to PyPI, they deliberately kept the package's GitHub repository clean

#phylum #EN #2024 #Python #Crypto #Library #PyPI #malicious #code #aiocpa #Supply-chain-attack

·blog.phylum.io·Nov 29, 2024

Python Crypto Library Updated to Steal Private Keys

Malicious Python Package Targets macOS Developers

A package called “lr-utils-lib” was uploaded to PyPi in early June 2024, containing malicious code that executes automatically upon installation. The malware uses a list of predefined hashes to target specific macOS machines and attempts to harvest Google Cloud authentication data. The harvested credentials are sent to a remote server.

#checkmarx #EN #2024 #macOS #stealer #Supply-chain-attack #PyPI #pypi-malware #lr-utils-lib #developpers

·checkmarx.com·Jul 29, 2024

Malicious Python Package Targets macOS Developers

Iraq-based cybercriminals deploy malicious Python packages to steal data

An information-stealing script embedded in a Python package on the popular repository PyPI appears to be connected to a cybercriminal operation based in Iraq, according to researchers at Checkmarx.

#therecord.media #EN #2024 #PyPI #Python #Infostealer #Supply-chain-attack

·therecord.media·Jul 18, 2024

Iraq-based cybercriminals deploy malicious Python packages to steal data