News
The malicious package downloads an image from the Web, then uses a steganography module to extract and execute the code to download malware. Fahmida Y. Rashid, Managing Editor, Features, Dark Reading ...
The Python Package Index (PyPI) registry has removed three malicious Python packages aimed at exfiltrating environment variables and dropping trojans on the infected machines. These malicious ...
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...
Three malicious packages hosted in the Python Package Index (PyPI) code repository have been uncovered, which collectively have more than 12,000 downloads – and presumably slithered into ...
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers.
The packages contained an __init__.py file that harboured malicious code, designed to search for files with the .py, .php,.zip, .png, .jpg and .jpeg extensions in the root and DCIM folders, and ...
The latest case in point is a malicious package for distributing Cobalt Strike on Windows, macOS, and Linux systems, which was uploaded to the widely used Python Package Index (PyPI) registry for ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback