Info Stealing Packages Hidden in PyPI
An info-stealing PyPI malware author was identified discreetly uploading malicious packages.
PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers
Sonatype's malicious open source and malware detection systems found hundreds of malicious PyPI packages.
PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks
A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.
Two more malicious Python packages in the PyPI
We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.
PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks
A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.
Two more malicious Python packages in the PyPI
We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.
Two more malicious Python packages in the PyPI
We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.