URL has been copied successfully!
Malicious PyPI package with 37,000 downloads steals AWS keys
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Malicious PyPI package with 37,000 downloads steals AWS keys

by

Andy Stern
in

Tags: , , ,

A malicious Python package named ‘fabrice’ has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers.

First seen on bleepingcomputer.com

Jump to article: www.bleepingcomputer.com/news/security/malicious-pypi-package-with-37-000-downloads-steals-aws-keys/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
  2. Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years
  3. VirusTotal Celebrates 20th Anniversary, What’s Next?
  4. Securing software repositories leads to better OSS security