Fake recruiter coding tests target devs with malicious Python packages
RL found the VMConnect campaign continuing with malicious actors posing as recruiters, using packages and the names of financial firms to lure developers.
SentinelSneak: Malicious PyPI module poses as security software development kit
A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.
SentinelSneak: Malicious PyPI module poses as security software development kit
A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.