Open Source Security Priorities Get a Reshuffle

December 6, 2024 at 10:07AM The latest “Census of Free and Open Source Software” highlights the rising significance of open source components, especially in Python and cloud connectivity. The report emphasizes the need for better funding and maintenance to enhance software security, as reliance on aging, unpaid developers poses sustainability challenges for critical software ecosystems. … Read more

Faux ChatGPT, Claude API Packages Deliver JarkaStealer

November 22, 2024 at 05:08PM Two malicious Python packages falsely marketed as tools for ChatGPT and Claude contained an infostealer named “JarkaStealer.” Designed to lure developers, they masqueraded as legitimate APIs but ultimately compromised users’ data. Over 1,700 downloads occurred before the packages were removed following discovery by Kaspersky researchers. Here are the key takeaways … Read more

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

November 22, 2024 at 01:58AM Researchers found two malicious packages on PyPI, impersonating AI models to deploy the JarkaStealer malware. Uploaded in November 2023, the packages had 1,748 and 1,826 downloads, respectively. They revealed risks of supply chain attacks, emphasizing caution when using open-source components in development. The packages are now unavailable for download. ### … Read more

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI

October 2, 2024 at 08:39AM Python packages linking to dependencies with cryptocurrency-stealing code were uploaded to PyPI, targeting cryptocurrency wallets. This poses a security threat to users. (45 words) Based on the meeting notes, it appears that there are concerns about Python packages on PyPI containing cryptocurrency-stealing code. These packages pose a potential threat, particularly … Read more

New PondRAT Malware Hidden in Python Packages Targets Software Developers

September 23, 2024 at 03:30AM Threat actors linked to North Korea have been using poisoned Python packages to distribute a new malware called PondRAT, part of an ongoing campaign. The attacks are part of an operation known as Operation Dream Job and aim to compromise supply chain vendors and their customers. The attackers have been … Read more

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

September 11, 2024 at 06:27AM Cybersecurity researchers have discovered new malicious Python packages targeting software developers, using fake job interviews as lures. Linked to North Korea-backed Lazarus Group, the ongoing campaign dubbed VMConnect employs modified legit PyPI libraries to embed malicious code. Attackers impersonate legitimate companies and use LinkedIn to contact and infect unsuspecting developers. … Read more

Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers

September 4, 2024 at 09:18AM A new supply chain attack technique, Revival Hijack, targets the Python Package Index (PyPI), allowing for hijacking of over 22,000 existing PyPI packages. Attackers can publish malicious packages under the same name and a higher version, posing a significant risk to developers. The attack has already been exploited, emphasizing the … Read more

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform

August 1, 2024 at 10:06AM Threat actors abused the Stack Exchange Q&A platform to target cryptocurrency users, promoting malware-laden Python packages. The malicious packages stole sensitive data, captured screenshots, and provided remote access to victims’ machines. These attacks demonstrate the exploitation of community-driven platforms to conduct large-scale supply chain attacks, urging individuals and organizations to … Read more

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems

December 14, 2023 at 11:00AM Cybersecurity researchers have found 116 malicious packages in the Python Package Index repository infecting Windows and Linux systems, targeting around 10,000 downloads since May 2023. Attackers employ various techniques to bundle malicious code, mainly aiming to compromise hosts with backdoor malware, including W4SP Stealer and clipper malware. Python developers are … Read more

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

November 8, 2023 at 08:27AM A set of malicious Python packages, disguised as obfuscation tools, have been discovered on the Python Package Index (PyPI) repository. The packages contain a malware called BlazeStealer, which allows attackers to gain control over compromised systems. The campaign began in January 2023 and includes eight packages. The malware can steal … Read more