Tag: pypi
-
Supply chain compromise of Ultralytics AI library results in trojanized versions
Attackers have compromised Ultralytics YOLO packages published on PyPI, the official Python package index, by compromising the build environment of the popular library for creating custom machine learning models. The malicious code deployed cryptocurrency mining malware on systems that installed the package, but the attackers could have delivered any type of malware. According to researchers from…
-
Beware Of Malicious PyPI Packages That Inject infostealer Malware
Recent research uncovered a novel crypto-jacking attack targeting the Python Package Index (PyPI), where malicious actors uploaded a legitimate-seeming cryptocurrency client package, “aiocpa,”
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 22
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations; PyPI Python Library “aiocpa”
-
Check Point discovers typosquatting campaign via PyPI
For security teams it is important to point out the inherent risk associated with open-source components, also in light of the increasing… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-entdeckt-typosquatting-kampagne-ueber-pypi/a36934/
-
A rotten potpourri of Python packages in PyPI
First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/ein-faules-potpourri-aus-python-paketen-in-pypi/
-
The Hidden Dangers in Open Source Libraries: A Closer Look at the Malicious Go Binary Hidden in a PyPI Package
First seen on thefinalhop.com Jump to article: www.thefinalhop.com/the-hidden-dangers-in-open-source-libraries-a-closer-look-at-the-malicious-go-binary-hidden-in-a-pypi-package/
-
Cybersecurity Alert: MUT-8694 Supply Chain Attack Targets npm and PyPI Ecosystems
The open-source ecosystem has once again become the battleground for cybercriminals, as Datadog’s Security Research team uncovered a coordinated supply chain attack by an enigmatic threat actor designated MUT-8694. Leveraging... First seen on securityonline.info Jump to article: securityonline.info/cybersecurity-alert-mut-8694-supply-chain-attack-targets-npm-and-pypi-ecosystems/
-
Telegram leveraged by updated PyPI package for crypto exfiltration
First seen on scworld.com Jump to article: www.scworld.com/brief/telegram-leveraged-by-updated-pypi-package-for-crypto-exfiltration
-
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to…
-
Fake ChatGPT, Claude PyPI packages spread JarkaStealer malware
First seen on scworld.com Jump to article: www.scworld.com/news/fake-chatgpt-claude-pypi-packages-spread-jarkastealer-malware
-
PyPI supply chain in the crosshairs: Kaspersky uncovered a cyber attack
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/pypi-lieferkette-visier-kaspersky-aufdeckung-cyber-angriff
-
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer. The packages, named gptplus and claudeai-eng, were uploaded by a user named “Xeroline” in November 2023, attracting… First seen on thehackernews.com…
-
Two Malicious PyPI Packages Mimicking ChatGPT and Claude Steal Developers' Data
Two malicious Python packages masquerading as tools for interacting with popular AI models ChatGPT and Claude were recently discovered on the Python Package Index (PyPI), the official repository for Python libraries. These packages reportedly remained undetected for over a year, silently compromising developer environments and exfiltrating sensitive data. As reported by a cybersecurity researcher, Leonid…
-
Attestations: A new generation of signatures on PyPI
Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index (PyPI) on a new security feature for the Python ecosystem: index-hosted digital attestations, as specified in PEP 740. These attestations improve on traditional PGP signatures (which have been disabled on PyPI) by providing key…
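What a consumer can check locally once such an attestation is published, as an added example (not PyPI's, pip's or the announcing project's code): the provenance object layout follows PEP 740 (attestation bundles, each with a Trusted Publisher identity and attestations whose envelope carries a base64-encoded in-toto statement naming the file and its sha256). The artifact bytes, the `example-org/sampleproject` publisher identity and the provenance JSON are constructed; in practice the provenance is fetched from the integrity API PEP 740 describes. The code does not verify the Sigstore signature or transparency-log entry (the `pypi-attestations` tool does that); it checks that the file you downloaded is the subject of an attestation and that the attestation comes from the publisher you expect.

```python
"""Structural checks on a PEP 740 provenance object (added example, not PyPI's code)."""
import base64
import hashlib
import json

STATEMENT_TYPE = "https://in-toto.io/Statement/v1"
PUBLISH_PREDICATE = "https://docs.pypi.org/attestations/publish/v1"

# Constructed stand-in for a downloaded sdist (not a real tarball).
ARTIFACT_NAME = "sampleproject-1.0.0.tar.gz"
ARTIFACT_BYTES = b"constructed sdist contents for the example"

# Hypothetical Trusted Publisher identity: the repository you know is allowed
# to release this project. Pin only the keys you actually want enforced.
EXPECTED_PUBLISHER = {"kind": "GitHub", "repository": "example-org/sampleproject"}


def encode_statement(filename: str, data: bytes) -> str:
    """Build and base64-encode the in-toto statement a publish attestation carries."""
    statement = {
        "_type": STATEMENT_TYPE,
        "subject": [{"name": filename, "digest": {"sha256": hashlib.sha256(data).hexdigest()}}],
        "predicateType": PUBLISH_PREDICATE,
        "predicate": None,
    }
    return base64.b64encode(json.dumps(statement).encode()).decode()


# Constructed provenance object in the PEP 740 shape (signature material is a placeholder).
PROVENANCE = {
    "version": 1,
    "attestation_bundles": [
        {
            "publisher": {**EXPECTED_PUBLISHER, "workflow": "release.yml"},
            "attestations": [
                {
                    "version": 1,
                    "verification_material": {"certificate": "<base64 DER>", "transparency_entries": []},
                    "envelope": {
                        "statement": encode_statement(ARTIFACT_NAME, ARTIFACT_BYTES),
                        "signature": "<base64 signature>",
                    },
                }
            ],
        }
    ],
}


def check_provenance(provenance: dict, filename: str, data: bytes, expected_publisher: dict) -> list:
    """Return a list of problems; an empty list means the structural checks passed."""
    problems = []
    if provenance.get("version") != 1:
        return ["unsupported provenance version"]
    digest = hashlib.sha256(data).hexdigest()
    publisher_seen = subject_matched = False
    for bundle in provenance.get("attestation_bundles", []):
        publisher = bundle.get("publisher", {})
        # Only bundles from the expected publisher count towards a match.
        if any(publisher.get(k) != v for k, v in expected_publisher.items()):
            continue
        publisher_seen = True
        for att in bundle.get("attestations", []):
            try:
                statement = json.loads(base64.b64decode(att["envelope"]["statement"]))
            except (KeyError, ValueError, TypeError) as exc:
                problems.append(f"undecodable statement: {exc}")
                continue
            if statement.get("_type") != STATEMENT_TYPE or statement.get("predicateType") != PUBLISH_PREDICATE:
                problems.append("unexpected statement or predicate type")
                continue
            # The subject must name exactly this file with exactly this digest.
            for subject in statement.get("subject", []):
                if subject.get("name") == filename and subject.get("digest", {}).get("sha256") == digest:
                    subject_matched = True
    if not publisher_seen:
        problems.append("no attestation bundle from the expected publisher")
    elif not subject_matched:
        problems.append("no attestation subject matches the downloaded file's name and sha256")
    return problems


if __name__ == "__main__":
    print(check_provenance(PROVENANCE, ARTIFACT_NAME, ARTIFACT_BYTES, EXPECTED_PUBLISHER))
    print(check_provenance(PROVENANCE, ARTIFACT_NAME, ARTIFACT_BYTES + b"tampered", EXPECTED_PUBLISHER))
```

A tampered file, or an attestation from a fork rather than the expected repository, fails these checks even before any cryptography is involved; the cryptographic step then proves the publisher identity in the bundle is genuine.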
-
Malicious Python Package Exfiltrates AWS Credentials
Developers’ Credentials Stolen via Typosquatted ‘Fabric’ Library. A malicious Python package that mimics a popular SSH automation library has been live on PyPI since 2021 and delivers payloads that steal credentials and create backdoors. The package steals AWS access and secret keys, sending them to a remote server operated through a VPN in Paris. First…
-
Malicious PyPI package with 37,000 downloads steals AWS keys
A malicious Python package named ‘fabrice’ has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-pypi-package-with-37-000-downloads-steals-aws-keys/
-
Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years
The malicious Python package “Fabrice” … “Fabric”
-
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers’ Amazon Web Services (AWS) credentials.The package in question is “fabrice,” which typosquats a popular Python library known as “fabric,” which is designed to execute shell commands remotely…
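The “fabrice” vs “fabric” pattern is the kind of near-miss a resolver gate can catch before install. The following is an added example (not any vendor's scanner): names are normalized the way PEP 503 does before comparison, and distance is optimal string alignment (Levenshtein plus adjacent transposition), so one extra letter (“fabrice”) and two swapped letters (“reqeusts”) both score 1. The allowlist and the requested names are constructed.

```python
"""Near-miss package-name check (added example)."""
import re


def normalize(name: str) -> str:
    """PEP 503 normalization: case-fold and collapse runs of '-', '_' and '.' to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: edits plus adjacent transpositions."""
    prev2, prev1 = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            d = min(prev1[j] + 1, cur[j - 1] + 1, prev1[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)  # transposition of two adjacent characters
            cur.append(d)
        prev2, prev1 = prev1, cur
    return prev1[-1]


def typosquat_candidates(requested, known, max_distance: int = 1) -> dict:
    """Map each requested name that is NOT on the allowlist to the allowlisted
    names within `max_distance` of it. Exact (normalized) matches are never flagged."""
    known_norm = {normalize(k) for k in known}
    findings = {}
    for name in requested:
        n = normalize(name)
        if n in known_norm:
            continue
        close = sorted(k for k in known_norm if osa_distance(n, k) <= max_distance)
        if close:
            findings[name] = close
    return findings


# Constructed allowlist of "popular" names and a constructed install request.
KNOWN = ["fabric", "requests", "numpy", "openai", "anthropic"]
REQUESTED = ["fabrice", "Requests", "reqeusts", "numpy", "gptplus"]

if __name__ == "__main__":
    for name, close in typosquat_candidates(REQUESTED, KNOWN).items():
        print(f"{name!r} is not on the allowlist but is within 1 edit of {close}")
```

Run it as a pre-install hook on a resolved requirement set: a hit is a reason to stop and look, not proof of malice, so keep the threshold at 1 for long allowlists or the false-positive rate climbs quickly.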
-
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart P… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
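Two ways an entry point turns an install into execution, and a check for both, as an added example (not the researchers' tooling): a `console_scripts` entry that shadows a command already on PATH or already provided by another distribution silently changes what that command runs, and an entry point in a group a host tool imports at startup runs without the package ever being imported on purpose. `AUTOLOAD_GROUPS` is a short illustrative list of real groups; the sample entries, the `examplepkg` distribution and the PATH command set are constructed so the audit runs offline, while `collect_installed()` and `commands_on_path()` gather the same data from a live environment.

```python
"""Audit of installed entry points (added example)."""
import shutil
from importlib.metadata import distributions

# Groups whose members are loaded by a host tool at startup (pytest, flake8,
# setuptools, keyring). Extend for the tools present in your environment.
AUTOLOAD_GROUPS = {"pytest11", "flake8.extension", "distutils.commands", "keyring.backends"}


def collect_installed():
    """(distribution, group, name, value) for every entry point in this environment."""
    entries = []
    for dist in distributions():
        dist_name = dist.metadata["Name"]
        for ep in dist.entry_points:
            entries.append((dist_name, ep.group, ep.name, ep.value))
    return entries


def commands_on_path(names):
    """Subset of `names` that resolve to an executable on the current PATH."""
    return {n for n in names if shutil.which(n)}


def audit_entry_points(entries, path_commands, trusted_plugins=frozenset()):
    """Return (distribution, reason) findings for the two abuse patterns."""
    findings = []
    script_owner = {}
    for dist, group, name, value in entries:
        if group == "console_scripts":
            if name in path_commands:
                findings.append((dist, f"console_script {name!r} shadows a command already on PATH"))
            owner = script_owner.setdefault(name, dist)
            if owner != dist:
                findings.append((dist, f"console_script {name!r} is also provided by {owner!r}"))
        elif group in AUTOLOAD_GROUPS and dist not in trusted_plugins:
            findings.append((dist, f"auto-loaded plugin in group {group!r} -> {value}"))
    return findings


# Constructed sample: an unknown package registering 'aws' and 'docker' scripts
# and a pytest plugin, next to legitimate awscli and pytest-cov entries.
SAMPLE_ENTRIES = [
    ("awscli", "console_scripts", "aws", "awscli.clidriver:main"),
    ("examplepkg", "console_scripts", "aws", "examplepkg.shim:main"),
    ("examplepkg", "console_scripts", "docker", "examplepkg.shim:main"),
    ("examplepkg", "pytest11", "examplepkg", "examplepkg.plugin"),
    ("pytest-cov", "pytest11", "pytest_cov", "pytest_cov.plugin"),
]
# Constructed: system commands that existed before the install.
SAMPLE_PATH = {"docker", "git"}

if __name__ == "__main__":
    for dist, reason in audit_entry_points(SAMPLE_ENTRIES, SAMPLE_PATH, trusted_plugins={"pytest-cov"}):
        print(f"{dist}: {reason}")
```

On a real machine, snapshot `commands_on_path()` for the commands you care about before running `pip install`, then run the audit over `collect_installed()` afterwards; the PATH comparison is only meaningful against the pre-install state.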
-
Attacks on the PyPI chain: Revival Hijack threatens over 22,000 PyPI packages
First seen on security-insider.de Jump to article: www.security-insider.de/neue-angriffsmethode-python-package-index-jfrog-sicherheitsanalyse-a-94bc7f8a57108d45ec2aae8de5b73926/
-
Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI
Multiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI. The post Cryptocurrency Wallets Targ… First seen on securityweek.com Jump to article: www.securityweek.com/cryptocurrency-wallets-targeted-via-python-packages-uploaded-to-pypi/
-
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery an… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/pypi-repository-found-hosting-fake.html
-
PyPI loophole puts thousands of packages at risk of compromise
Thousands of PyPI packages are at risk of an attack technique dubbed Revival Hijack, which exploits a loophole in the platform’s package naming featur… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366609663/PyPI-loophole-puts-thousands-of-packages-at-risk-of-compromise
-
New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys
First seen on hackread.com Jump to article: hackread.com/pypi-malware-crypto-wallet-tools-steal-private-keys/
-
Trouble in Da Hood: Malicious Actors Use Infected PyPI Packages to Target Roblox Cheaters
The world of gaming can be a cut-throat place, with many players turning to online help via third-party programs (‘game hacks’) to get ahead. Although… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/trouble-in-da-hood-malicious-actors-use-infected-pypi-packages-to-target-roblox-cheaters/
-
Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/citrine-sleet-poisons-pypi-packages-mac-linux-malware
-
North Korea Targets Software Supply Chain Via PyPI
Backdoored Python Packages Likely Work of ‘Gleaming Pisces,’ Says Palo Alto. A North Korean hacking group with a history of a stealing cryptocurrency … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-targets-software-supply-chain-via-pypi-a-26344
-
Researchers Find Over 22,000 Removed PyPI Packages at Risk of Revival Hijack
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate down… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html
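A revived package name can carry any artifact, but it cannot reproduce the sha256 of the file that was originally published. The check below is an added example (not JFrog's research tooling or pip's code) of the mitigation a consumer controls: refuse any requirement that is not pinned to both a version and a hash, which is the policy `pip install --require-hashes` enforces, so a re-registered name fails the install instead of running. The requirements text, the original artifact bytes and the “revived” bytes are constructed.

```python
"""Hash-pinned requirements check (added example)."""
import hashlib
import re

REQ_LINE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([^\s\\]+)(.*)$")
HASH_OPT = re.compile(r"--hash=([a-z0-9_]+):([0-9a-fA-F]+)")


def normalize(name: str) -> str:
    """PEP 503 normalization so 'Some_Tool' and 'some-tool' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> dict:
    """Map normalized name -> {"version", "hashes"}; raise on anything not fully pinned."""
    reqs = {}
    for line in text.replace("\\\n", " ").splitlines():  # join pip-style continuation lines
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = REQ_LINE.match(line)
        if not m:
            raise ValueError(f"not pinned with ==: {line!r}")
        name, version, rest = m.groups()
        hashes = {(algo, hexdigest.lower()) for algo, hexdigest in HASH_OPT.findall(rest)}
        if not hashes:
            raise ValueError(f"no --hash for {name}=={version}")
        reqs[normalize(name)] = {"version": version, "hashes": hashes}
    return reqs


def artifact_allowed(reqs: dict, name: str, data: bytes) -> bool:
    """True only if `data` matches one of the hashes pinned for `name`."""
    entry = reqs.get(normalize(name))
    if entry is None:
        return False
    return any(hashlib.new(algo, data).hexdigest() == digest for algo, digest in entry["hashes"])


# Constructed: the file as first published, and a different file later uploaded
# under the same (revived) name and version.
ORIGINAL = b"contents of some-tool-1.2.3.tar.gz as first published (constructed)"
REVIVED = b"different contents uploaded under the same name later (constructed)"

# Constructed lock file in the shape pip-compile writes, pinned to the original hash.
REQUIREMENTS = f"""
# generated by a lock tool
some-tool==1.2.3 \\
    --hash=sha256:{hashlib.sha256(ORIGINAL).hexdigest()}
"""
UNPINNED = "some-tool>=1.2\n"

if __name__ == "__main__":
    reqs = parse_requirements(REQUIREMENTS)
    print("original allowed:", artifact_allowed(reqs, "some-tool", ORIGINAL))
    print("revived allowed: ", artifact_allowed(reqs, "some-tool", REVIVED))
```

The version pin alone does not help here, since the revived upload can reuse the old version number; only the hash ties the name to the bytes you reviewed.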
-
‘Revival Hijack’ on PyPI Disguises Malware with Legitimate File Names
First seen on darkreading.com Jump to article: www.darkreading.com/application-security/revival-hijack-on-pypi-disguises-malware-with-legitimate-file-names

