News
PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.
Pyg-utils, Pymocks, PyProto2 – All three packages target AWS credentials and appear very similar to another set of packages discovered by Sonatype in June. The first even connects to the same ...
Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...
Hackers are once again targeting Python developers involved in the blockchain industry in an attempt to distribute malware and steal tokens. A new report from cybersecurity researchers at ...
The setup.py file in the malicious PyPI packages used in this attack contained a payload encoded in base64 for obfuscation, which involved the execution of a PowerShell command on Windows systems.
This package, too, mimicked the name of a popular Python library, named "colorama." According to the PyPI Stats service, 54 users had downloaded the package a month before it was taken down.
The massive growth in requests led the findings, with JavaScript (npm) leading the list with 4.5 trillion requests — up 70% year-over-year — followed by Python (PyPI) with 530 billion package ...
A new package mimicked the popular 'requests' library on the Python Package Index (PyPI) to target macOS devices with the Sliver C2 adversary framework, used for gaining initial access to ...
Python Development Master taps new features in Python to manage a project’s packages without the overhead imposed by a virtual environment.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback