PyPI malicious packages
PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found
Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup ...
Malicious Packages in npm, PyPI Highlight Supply Chain Threat
Software developers are being targeted with malicious packages in npm and PyPI as threat groups launch software supply-chain attacks ...
3 Malicious PyPI Packages Hide CoinMiner on Linux Devices
In a recent cybersecurity revelation, the Python Package Index (PyPI) has fallen victim to the infiltration of three malicious packages: modularseven, driftme, and catme. These packages, although now removed, managed to amass ...
Attackers Finding Novel Ways to Abuse GitHub: ReversingLabs
Threat actors are finding new ways to take advantage of GitHub in hopes of tricking developers into putting malicious code into their software and sending to users downstream, according to researchers with ...
PyPI Malicious Packages with Thousands of Downloads Targeting Python Developers
For the past six months, an unidentified threat actor has been slipping malicious packages into the Python Package Index (PyPI), a repository for Python software. The aim? To unleash malware capable of ...
