The JFrog Security Research team has uncovered a sophisticated malicious package named >>chimera-sandbox-extensions<< on the Python Package Index (PyPI), a widely used repository for Python software. Uploaded by a user identified as >>chimerai,<< this package was designed to exploit unsuspecting developers by targeting users of the chimera-sandbox environment, aiming to harvest sensitive credentials and critical [...] The post Hackers Upload Weaponized Packages to PyPI Repositories to Steal AWS Tokens and Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/hackers-upload-weaponized-packages-to-pypi-repositories/
