November 9, 2024 at 03:12PM A malicious Python package, ‘fabrice,’ has been available on PyPI since 2021, stealing AWS credentials from developers. Downloaded over 37,000 times through typosquatting the legitimate ‘fabric,’ it executes OS-specific scripts for credential theft, exfiltrating them to a VPN server. Users are advised to verify packages and implement IAM for protection. … Read more
October 30, 2024 at 07:54AM Researchers identified a malicious Python package, “CryptoAITools,” disguised as a cryptocurrency trading tool. It steals sensitive data and drains crypto wallets. Distributed via PyPI and fake GitHub repos, it infected over 1,300 systems, exploiting both Windows and macOS while using a deceptive GUI to distract victims during data theft. ### … Read more
May 13, 2024 at 03:09AM Cybersecurity researchers discovered a malicious Python package, requests-darwin-lite, concealing a Golang version of the Sliver command-and-control framework within a PNG image of the project’s logo. The package, downloaded 417 times before being removed, aimed to gather system identifiers and raise concerns about open-source malware distribution. (Words: 50) From the meeting … Read more