New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

February 21, 2024 at 04:27AM
Cybersecurity researchers discovered two malicious Python packages on the PyPI repository, NP6HelperHttptest and NP6HelperHttper, using DLL side-loading to evade detection by security software. These fake packages aimed to deceive developers into downloading rogue counterparts of legitimate ones. The malicious code included a remote access trojan and was part of a wider …

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

January 29, 2024 at 01:03AM
Cybersecurity researchers have detected malicious packages on the PyPI repository containing a data-stealing malware, WhiteSnake Stealer, targeting Windows and Linux systems. The packages, uploaded by a threat actor named “WS,” incorporate encoded source code and aim to exfiltrate sensitive data and crypto wallet information. This discovery highlights the threat of …

Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners

January 4, 2024 at 06:24AM
Three new malicious packages discovered in the Python Package Index (PyPI) repository can deploy a cryptocurrency miner on affected Linux devices. The packages, modularseven, driftme, and catme, attracted 431 downloads before being removed. They conceal their payload, deploy a CoinMiner executable, and persistently exploit devices, evading detection and security software. …

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

November 17, 2023 at 06:00AM
An unidentified threat actor has been uploading malware-laden fake Python libraries to the PyPI repository for the past six months. Disguised as legitimate packages, these 27 libraries have attracted thousands of downloads from various countries. The attacker used steganography to hide malicious payloads within innocent-looking image files. The packages included …