Over the weekend an attacker uploaded thousands of malicious Python packages to the public PyPI (Python Package Index) software repository. If executed on a Windows system, these packages download and install a Trojan program hosted on Dropbox.
Flooding public package repositories with malicious packages is not entirely new. Last year researchers detected a group of 186 packages from the same account on the JavaScript npm repository that were designed to install cryptomining software on Linux systems. However, according to researchers on Twitter, this new incident on PyPI was much larger in scope and involved over 5,000 packages, as the attacker kept pushing new ones while the PyPI maintainers were finding and removing the already published ones. This may be a sign of attacks to come.