Browsing Tag
PyPI
12 posts
Ultralytics AI Library with 60M Downloads Compromised for Cryptomining
Another day, another supply chain attack!
Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years
The malicious Python package “Fabrice” on PyPI mimics the “Fabric” library to steal AWS credentials, affecting thousands. Learn how…
New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys
Checkmarx researchers discovered PyPI malware posing as crypto wallet tools. These malicious packages stole private keys and recovery…
New Supply Chain Attack “Revival Hijack” Risks Massive PyPI Takeovers
JFrog's cybersecurity researchers have identified a new PyPI attack technique called "Revival Hijack," which exploits package deletion policies. Over 22,000 packages are at risk, potentially impacting thousands of users. Stay informed!
Iraqi Hackers Exploit PyPI to Infiltrate Systems Through Python Packages
Python packages are being used to steal data from developers and companies. Learn about the extensive cybercriminal operation…
PyPI Suspends New Projects and Users Due to Malicious Packages
Are you a Python developer? Here's what you need to know!
Crypto Stealing PyPI Malware Hits Both Windows and Linux Users
FortiGuard Labs’ latest research report reveals a concerning trend: threat actors are leveraging the Python Package Index (PyPI),…
OpenSSF Launches Malicious Packages Repository
The launch of the Malicious Packages repository comes at a time when cyberattacks, leveraging malicious open source packages, are on the rise.
FortiGuard Labs Uncovers Series of Malicious NPM Packages Stealing Data
There are over 17 million developers worldwide who use NPM packages, making it a lucrative target for cybercriminals.
Malicious PyPI Packages Drop Malware in New Supply Chain Attack
These packages were uploaded between the 7th and 12th of January 2023 with the names “colorslib,” “httpslib,” and “libhttps.”