Tag: pypi

New PyPI Archiving System Aims to Curb Open-Source Security Risks

Feb 4, 2025 10:12 PM

Tags: open-source, pypi, risk

First seen on scworld.com Jump to article: www.scworld.com/brief/new-pypi-archiving-system-aims-to-curb-open-source-security-risks
Hackers impersonate DeepSeek to distribute malware

Feb 4, 2025 2:12 PM

Tags: access, ai, api, attack, automation, breach, china, cloud, computer, credentials, cyberattack, data, hacker, infrastructure, leak, LLM, malicious, malware, ml, pypi, threat, tool, vulnerability

To make things worse than they already are for DeepSeek, hackers are found flooding the Python Package Index (PyPI) repository with fake DeepSeek packages carrying malicious payloads.According to a discovery made by Positive Expert Security Center (PT ESC), a campaign was seen using this trick to dupe unsuspecting developers, ML engineers, and AI enthusiasts looking…
Beware of Fake DeepSeek PyPI packages that Delivers Malware

Feb 4, 2025 10:12 AM

Tags: ai, cyber, data, exploit, malicious, malware, pypi, tool

The Positive Technologies Expert Security Center (PT ESC) recently uncovered a malicious campaign targeting the Python Package Index (PyPI) repository. The campaign involved two packages, named deepseeek and deepseekai, designed to collect sensitive user data and environment variables. These packages exploited the growing interest in AI and machine learning tools, particularly targeting developers and AI…
Hackers Hide Malware in Fake DeepSeek PyPI Packages

Feb 4, 2025 5:12 AM

Tags: api, attack, data, hacker, malicious, malware, pypi

Malicious DeepSeek packages on PyPI spread malware, stealing sensitive data like API keys. Learn how this attack targeted developers and how to protect yourself. First seen on hackread.com Jump to article: hackread.com/hackers-hide-malware-fake-deepseek-pypi-packages/
AI Malware Dressed Up as DeepSeek Packages Lurk in PyPi

Feb 4, 2025 12:12 AM

Tags: ai, malware, pypi, technology

Adversaries looking to ride the DeepSeek interest wave are taking advantage of developers in a rush to deploy the new technology, by using AI-generated malware against them. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/ai-malware-deepseek-packages-pypi
New PyPI project archiving system aims to curb open-source security risks

Feb 3, 2025 9:12 PM

Tags: open-source, pypi, risk

First seen on scworld.com Jump to article: www.scworld.com/brief/new-pypi-project-archiving-system-aims-to-curb-open-source-security-risks
DeepSeek AI tools impersonated by infostealer malware on PyPI

Feb 3, 2025 6:12 PM

Tags: ai, malicious, malware, pypi, threat, tool

Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/
DeepSeek’s popularity exploited to push malicious packages via PyPI

Feb 3, 2025 3:12 PM

Tags: exploit, malicious, pypi

Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/03/deepseeks-popularity-exploited-to-push-malicious-packages-via-pypi/
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages

Feb 3, 2025 3:12 PM

Tags: pypi, supply-chain, update

The maintainers of the Python Package Index (PyPI) registry have announced a new feature that allows package developers to archive a project as part of efforts to improve supply chain security.”Maintainers can now archive a project to let users know that the project is not expected to receive any more updates,” Facundo Tuesca, senior engineer…
PyPI adds project archiving system to stop malicious updates

Feb 3, 2025 1:12 PM

Tags: malicious, pypi, update

The Python Package Index (PyPI) has announced the introduction of ‘Project Archival,’ a new system that allows publishers to archive their projects, indicating to the users that no updates are to be expected. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pypi-adds-project-archiving-system-to-stop-malicious-updates/
Breach Roundup: Researchers Find Flaws in Palo Alto Firewalls

Jan 23, 2025 11:22 PM

Tags: breach, chatgpt, china, ddos, firewall, flaw, hacker, north-korea, pypi, russia, scam, threat, vpn

Also: US Prosecutors Charge Suspected North Korean IT Worker Collaborators. This week, researchers spied Palo Alto firewall flaws, a North Korean IT worker conspiracy, ChatGPT as DDoS vector. Chinese hackers targeted a VPN maker, a fake PyPi package and a Russian threat actor shifted tactics. BreachForums admin faces prison and scammers used the release of…
Python administrator moves to improve software security

Jan 23, 2025 8:22 AM

Tags: apache, attack, automation, best-practice, defense, exploit, firewall, github, group, Internet, malicious, malware, open-source, pypi, software, threat, tool

The administrators of the Python Package Index (PyPI) have begun an effort to improve the hundreds of thousands of software packages that are listed. The attempt, which began earlier last year, is to identify and stop malware-laced packages from proliferating across the open-source community that contributes and consumes Python software. As previously reported, hijacking Python…
Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets

Jan 20, 2025 2:22 PM

Tags: data, malicious, pypi, threat

Researchers found malicious npm and PyPI packages capable of stealing and deleting sensitive data from infected systems. Socket researchers have identified multiple packages in the npm and Python Package Index (PyPI) repository designed to target Solana private keys and drain funds from victims’ wallets. The malicious npm packages allowed the threat actors to exfiltrate Solana…
Hackers Weaponize Security Testing By Weaponizing npm, PyPI, Ruby Exploit Packages

Jan 7, 2025 5:18 PM

Tags: attack, cyber, data, exploit, hacker, malicious, network, pypi, service, threat, tool

Over the past year, malicious actors have been abusing OAST services for data exfiltration, C2 channel establishment, and multi-stage attacks by leveraging compromised JavaScript, Python, and Ruby packages. OAST tools, initially designed for ethical researchers to perform network interactions, can also be exploited by threat actors for malicious purposes such as data exfiltration and pivot…
Top 12 ways hackers broke into your systems in 2024

Dec 31, 2024 8:27 AM

Tags: access, adobe, ai, api, apt, attack, authentication, backdoor, breach, business, china, cloud, control, corporate, credentials, cve, cvss, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, finance, flaw, fortinet, government, group, hacker, healthcare, identity, infection, injection, Internet, iran, ivanti, jobs, malicious, malware, mfa, microsoft, mitigation, mobile, moveIT, north-korea, okta, open-source, phishing, pypi, ransomware, rce, remote-code-execution, risk, russia, scam, software, sql, strategy, supply-chain, tactics, theft, tool, unauthorized, update, vpn, vulnerability, zero-day

In 2024, hackers had a field day finding sneaky ways into systems, from convincing phishing scams that played on human curiosity to brutal software flaws that exposed gaps in tech upkeep. It was a year of clever breaches, showing just how wide the gap is between user habits and security practices.”While every year brings new…
Beware of New Malicious PyPI packages That Steals Login Details

Dec 26, 2024 10:43 AM

Tags: ai, cyber, cybersecurity, detection, fortinet, login, malicious, malware, pypi, threat

Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted on November 16 and November 24, 2024, respectively, represent significant threats to users by leveraging advanced malware techniques. These findings underscore the critical importance of robust cybersecurity measures to protect against such sophisticated threats. Malicious…
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts

Dec 24, 2024 3:45 PM

Tags: cybersecurity, fortinet, malicious, pypi

Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs.The packages, named zebo and cometlogger, attracted 118 and 164 downloads each, prior to them being taken down. First…
Top 7 zero-day exploitation trends of 2024

Dec 23, 2024 10:42 AM

Tags: access, ai, attack, authentication, backdoor, botnet, breach, bug-bounty, business, china, ciso, cloud, computing, control, corporate, cve, cyberespionage, cybersecurity, data, data-breach, defense, email, endpoint, exploit, firewall, flaw, framework, github, google, government, group, hacker, identity, infrastructure, injection, Internet, ivanti, kev, leak, linux, malicious, malware, ml, monitoring, moveIT, network, north-korea, open-source, password, programming, pypi, ransomware, remote-code-execution, risk, service, software, sql, supply-chain, tool, training, unauthorized, update, vpn, vulnerability, windows, zero-day

Zero-day vulnerabilities saw big growth once again in 2024. With no patch available, zero-day flaws give attackers a significant jump on cybersecurity defense teams, making them a critical weapon for attacking enterprise systems.But while all zero-days are essential for CISOs and their team to be aware of, and for vendors to remedy in a timely…
Compromised AI Library Delivers Cryptocurrency Miner via PyPI

Dec 9, 2024 6:07 PM

Tags: ai, crypto, exploit, github, pypi

The compromised ultralytics AI library delivered XMRig miner via GitHub Actions exploit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-library-delivers-cryptocurrency/
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions

Dec 7, 2024 10:07 PM

Tags: ai, attack, crypto, intelligence, pypi, software, supply-chain

In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner.The versions, 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) repository. A subsequently released version has introduced a security…
Supply chain compromise of Ultralytics AI library results in trojanized versions

Dec 7, 2024 1:48 AM

Tags: access, advisory, ai, backdoor, container, crypto, exploit, github, injection, malicious, malware, pypi, radius, service, software, supply-chain, threat, vulnerability

Attackers have compromised Ultralytics YOLO packages published on PyPI, the official Python package index, by compromising the build environment of the popular library for creating custom machine learning models. The malicious code deployed cryptocurrency mining malware on systems that installed the package, but the attackers could have delivered any type of malware.According to researchers from…
Beware Of Malicious PyPI Packages That Inject infostealer Malware

Dec 2, 2024 12:28 PM

Tags: attack, crypto, cyber, malicious, malware, pypi, update

Recent research uncovered a novel crypto-jacking attack targeting the Python Package Index (PyPI), where malicious actors uploaded a legitimate-seeming cryptocurrency client package, >>aiocpa,
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 22

Dec 1, 2024 8:28 PM

Tags: control, crypto, international, linux, malware, pypi, risk

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations PyPI Python Library >>aiocpa
Check Point entdeckt Typosquatting-Kampagne über PyPI

Dec 1, 2024 8:27 PM

Tags: open-source, pypi, risk

Für Sicherheitskräfte ist es wichtig, auf das inhärente Risiko hinzuweisen, das mit Open-Source-Komponenten verbunden ist, auch angesichts der zunehme… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-entdeckt-typosquatting-kampagne-ueber-pypi/a36934/
Ein faules Potpourri aus Python-Paketen in PyPI

Dec 1, 2024 2:27 PM

Tags: pypi

First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/ein-faules-potpourri-aus-python-paketen-in-pypi/
The Hidden Dangers in Open Source Libraries: A Closer Look at the Malicious Go Binary Hidden in a PyPI Package

Dec 1, 2024 1:19 AM

Tags: malicious, open-source, pypi

First seen on thefinalhop.com Jump to article: www.thefinalhop.com/the-hidden-dangers-in-open-source-libraries-a-closer-look-at-the-malicious-go-binary-hidden-in-a-pypi-package/
Cybersecurity Alert: MUT-8694 Supply Chain Attack Targets npm and PyPI Ecosystems

Nov 27, 2024 5:11 AM

Tags: attack, cybercrime, cybersecurity, open-source, pypi, supply-chain, threat

The open-source ecosystem has once again become the battleground for cybercriminals, as Datadog’s Security Research team uncovered a coordinated supply chain attack by an enigmatic threat actor designated MUT-8694. Leveraging... First seen on securityonline.info Jump to article: securityonline.info/cybersecurity-alert-mut-8694-supply-chain-attack-targets-npm-and-pypi-ecosystems/
Telegram leveraged by updated PyPI package for crypto exfiltration

Nov 26, 2024 9:10 PM

Tags: crypto, pypi

First seen on scworld.com Jump to article: www.scworld.com/brief/telegram-leveraged-by-updated-pypi-package-for-crypto-exfiltration
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot

Nov 25, 2024 6:08 PM

Tags: api, crypto, malicious, pypi, update

The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram.The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to…
Fake ChatGPT, Claude PyPI packages spread JarkaStealer malware

Nov 23, 2024 9:56 PM

Tags: chatgpt, malware, pypi

First seen on scworld.com Jump to article: www.scworld.com/news/fake-chatgpt-claude-pypi-packages-spread-jarkastealer-malware