Tag: pypi
-
PyPI-Lieferkette im Visier: Kaspersky deckte Cyber-Angriff auf
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/pypi-lieferkette-visier-kaspersky-aufdeckung-cyber-angriff
-
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer.The packages, named gptplus and claudeai-eng, were uploaded by a user named “Xeroline” in November 2023, attracting First seen on thehackernews.com…
-
Two PyPi Malicious Package Mimic ChatGPT Claude Steals Developers Data
Two malicious Python packages masquerading as tools for interacting with popular AI models ChatGPT and Claude were recently discovered on the Python Package Index (PyPI), the official repository for Python libraries. These packages reportedly remained undetected for over a year, silently compromising developer environments and exfiltrating sensitive data. As reported by a cybersecurity researcher, Leonid…
-
Attestations: A new generation of signatures on PyPI
Tags: pypiRead the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index (PyPI) on a new security feature for the Python ecosystem: index-hosted digital attestations, as specified in PEP 740. These attestations improve on traditional PGP signatures (which have been disabled on PyPI) by providing key……
-
Malicious Python Package Exfiltrates AWS Credentials
Developers’ Credentials Stolen via Typosquatted ‘Fabric’ Library. A malicious Python package that mimics a popular SSH automation library has been live on PyPi since 2021 and delivers payloads that steal credentials and create backdoors. The package steals AWS access and secret keys, sending them to a remote server operated through a VPN in Paris First…
-
Malicious PyPI package with 37,000 downloads steals AWS keys
A malicious Python package named ‘fabrice’ has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-pypi-package-with-37-000-downloads-steals-aws-keys/
-
Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years
The malicious Python package >>Fabrice>Fabric
-
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers’ Amazon Web Services (AWS) credentials.The package in question is “fabrice,” which typosquats a popular Python library known as “fabric,” which is designed to execute shell commands remotely…
-
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart P… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
-
Angriffe auf PyPIChain – Revival Hijack bedroht über 22.000 PyPI-Pakete
First seen on security-insider.de Jump to article: www.security-insider.de/neue-angriffsmethode-python-package-index-jfrog-sicherheitsanalyse-a-94bc7f8a57108d45ec2aae8de5b73926/
-
Supply Chain Attacks Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart P… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
-
Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI
Multiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI. The post Cryptocurrency Wallets Targ… First seen on securityweek.com Jump to article: www.securityweek.com/cryptocurrency-wallets-targeted-via-python-packages-uploaded-to-pypi/
-
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery an… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/pypi-repository-found-hosting-fake.html
-
PyPI loophole puts thousands of packages at risk of compromise
Thousands of PyPI packages are at risk of an attack technique dubbed Revival Hijack, which exploits a loophole in the platform’s package naming featur… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366609663/PyPI-loophole-puts-thousands-of-packages-at-risk-of-compromise
-
New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys
First seen on hackread.com Jump to article: hackread.com/pypi-malware-crypto-wallet-tools-steal-private-keys/
-
Trouble in Da Hood: Malicious Actors Use Infected PyPI Packages to Target Roblox Cheaters
The world of gaming can be a cut-throat place, with many players turning to online help via third-party programs (‘game hacks’) to get ahead. Although… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/trouble-in-da-hood-malicious-actors-use-infected-pypi-packages-to-target-roblox-cheaters/
-
Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/citrine-sleet-poisons-pypi-packages-mac-linux-malware
-
North Korea Targets Software Supply Chain Via PyPI
Backdoored Python Packages Likely Work of ‘Gleaming Pisces,’ Says Palo Alto. A North Korean hacking group with a history of a stealing cryptocurrency … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-targets-software-supply-chain-via-pypi-a-26344
-
Researchers Find Over 22,000 Removed PyPI Packages at Risk of Revival Hijack
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate down… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html
-
‘Revival Hijack’ on PyPI Disguises Malware with Legitimate File Names
First seen on darkreading.com Jump to article: www.darkreading.com/application-security/revival-hijack-on-pypi-disguises-malware-with-legitimate-file-names
-
PyPI Revival Hijack Puts Thousands of Applications at Risk
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/pypi-revival-hijack/
-
New Supply Chain Attack >>Revival Hijack<< Risks Massive PyPI Takeovers
JFrog’s cybersecurity researchers have identified a new PyPI attack technique called Revival Hijack, which exploits package deletion policies. Over 22… First seen on hackread.com Jump to article: hackread.com/supply-chain-attack-revival-hijack-pypi-takeovers/
-
Widespread PyPI package takeovers likely with new supply chain attack technique
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/widespread-pypi-package-takeovers-likely-with-new-supply-chain-attack-technique
-
Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate down… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html
-
Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/rogue-pypi-library-solana-users-steals.html
-
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the … First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/malicious-pypi-package-targets-macos-to.html
-
Hackers Abused StackExchange Platform To Deliuver Malicious Python Package
Attackers uploaded malicious Python packages targeting Raydium and Solana users to PyPI, leveraging a StackExchange post to distribute the malware. Th… First seen on gbhackers.com Jump to article: gbhackers.com/stackexchange-malware-attack/
-
New PyPI Package Zlibxjson Steals Discord, Browser Data
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/pypi-package-steals-discord/
-
Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs
The campaign is laser-targeted, bucking the trend of spray-and-pray malicious open source packages turning up in code repositories seemingly every oth… First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/targeted-pypi-package-steals-google-cloud-credentials-macos-devs
-
Attackers exploit StackExchange to load malicious packages to PyPI
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/attackers-exploit-stackexchange-to-load-malicious-packages-to-pypi