Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal

Written By Auto Tech Friday, 14 March 2025 Add Comment

March 15, 2025 at 11:25AM

Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them. The packages

from The Hacker News https://ift.tt/8e6N9j0

New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

{ads}

Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal

Related

0 Response to "Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads

{ads}

Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal

Related

Related Posts

0 Response to "Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads