Pierluigi Paganini
August 28, 2022
The Python Package Index (PyPI) warns of an ongoing phishing campaign to steal developer credentials and distribute malicious updates. The Python Package Index, PyPI, this week warned of an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to the packages in the repository. “Today we received reports of a phishing […]
Pierluigi Paganini
August 10, 2022
10 packages have been removed from the Python Package Index (PyPI) because they were found harvesting data. Check Point researchers have discovered ten malicious packages on the Python Package Index (PyPI). The packages install info-stealers that allow threat actors to steal the private data and personal credentials of the developers. The researchers provide details about […]
Pierluigi Paganini
November 21, 2021
Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks. JFrog researchers have discovered 11 malicious Python packages in the Python Package Index (PyPI) repository that can steal Discord access tokens, passwords, and even carry out dependency confusion attacks. Below is the list of malicious […]
Pierluigi Paganini
June 28, 2021
Researchers discovered six rogue packages in the official Python programming language’s PyPI repository containg cryptocurrency mining malware. Experts from security firm Sonatype have uncovered six typosquatting packages in the official Python programming language’s PyPI repository that were laced with cryptomining malware. The Python Package Index (PyPI) is a repository of software for the Python programming language, it allows users […]
