#PyPiVulnerability

‘Revival Hijack’ on PyPI Disguises Malware with Legitimate File Names

by

September 4, 2024 at 04:43PM Security researchers have discovered a concerning method for attackers to distribute malicious payloads through the PyPI package repository. By re-registering a removed package with the same name, adversaries can pass off rogue packages as legitimate ones. This “Revival Hijack” method poses a clear threat, with 120,000 abandoned packages susceptible to … Read more

Cybercriminals pose as “helpful” Stack Overflow users to push malware

by

May 29, 2024 at 07:25PM Cybercriminals have been using Stack Overflow to spread malware, posing as helpful contributors answering users’ questions about a PyPi package named ‘pytoileur’ which actually installs Windows information-stealing malware. This malicious package is part of the ‘Cool package’ campaign and was promoted through typo-squatting and Stack Overflow answers. Developers are urged … Read more