September 4, 2024 at 09:18AM A new supply chain attack technique, Revival Hijack, targets the Python Package Index (PyPI), allowing for hijacking of over 22,000 existing PyPI packages. Attackers can publish malicious packages under the same name and a higher version, posing a significant risk to developers. The attack has already been exploited, emphasizing the … Read more
August 1, 2024 at 10:06AM Threat actors abused the Stack Exchange Q&A platform to target cryptocurrency users, promoting malware-laden Python packages. The malicious packages stole sensitive data, captured screenshots, and provided remote access to victims’ machines. These attacks demonstrate the exploitation of community-driven platforms to conduct large-scale supply chain attacks, urging individuals and organizations to … Read more
December 14, 2023 at 11:00AM Cybersecurity researchers have found 116 malicious packages in the Python Package Index repository infecting Windows and Linux systems, targeting around 10,000 downloads since May 2023. Attackers employ various techniques to bundle malicious code, mainly aiming to compromise hosts with backdoor malware, including W4SP Stealer and clipper malware. Python developers are … Read more
November 8, 2023 at 08:27AM A set of malicious Python packages, disguised as obfuscation tools, have been discovered on the Python Package Index (PyPI) repository. The packages contain a malware called BlazeStealer, which allows attackers to gain control over compromised systems. The campaign began in January 2023 and includes eight packages. The malware can steal … Read more