Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI

Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI

Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that’s designed to deliver an information stealer called Lumma (aka LummaC2). The package in question is crytic-compilers, a typosquatted version of a legitimate library Read more…

PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers

PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers

PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. It said “new project creation and new user registration” was temporarily halted to mitigate Read more…

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 Read more…

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code. The packages, named NP6HelperHttptest and NP6HelperHttper, were each downloaded 537 and 166 times, respectively, 2024-02-20 12:30:00

Malicious PyPI Packages

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines Jan 29, 2024NewsroomPyPI Repository / Malware Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, Read more…

Crypto Miners

3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners

3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners Jan 04, 2024NewsroomCryptocurrency Miner / Malware Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three harmful packages, named modularseven, driftme, and Read more…