Credential stealing seems to be the main goal. Once executed on a machine, the fshec2 malicious payload collects information about the system such as usernames, directory listings, and hostnames ...

Researchers discover malicious 'typosquat' Python packages with ransomware scripts Victims are offered the decryption key without payment, but the prank demonstrates how easy such an attack can be ...

Devs unknowingly use “malicious” modules snuck into official Python repository Code packages available in PyPI contained modified installation scripts.

The Cometlogger-0.1 script, on the other hand, comes with a different set of malicious behavior, such as dynamic file manipulation, webhook injection, infostealing, and anti-VM checks.

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.

Two more malicious Python packages have been discovered in the Python Package Index (PyPI) repository, days after security researchers from Check Point spotted 10 of them.. The two additional packages ...

This package, too, mimicked the name of a popular Python library, named "colorama." According to the PyPI Stats service , 54 users had downloaded the package a month before it was taken down.

In the latest supply chain attack, an unknown threat actor has created a malicious Python package that appears to be a software development kit (SDK) for a well-known security client from SentinelOne.

The project is called PiKarma and it's a Python script created by Turkish security researcher Besim Altinok that can detect WiFi networks that are carrying KARMA attacks, a well-known form of WiFi ...

Malicious libraries are not uncommon in package repositories. Last year, researchers discovered ten of them in PyPi, the official third-party store for Python programming language.