"27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts"

For nearly six months, an unknown threat actor has been publishing typosquatted packages to the Python Package Index (PyPI) repository to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets. According to Checkmarx, the 27 packages, which posed as popular legitimate Python libraries, were downloaded thousands of times. Most downloads came from the US, China, France, Hong Kong, Germany, Russia, Ireland, Singapore, the UK, and Japan. The software supply chain security company noted that a distinguishing feature of this campaign was the use of steganography to hide the malicious payload inside an innocent-looking image file. This article continues to discuss findings regarding the 27 malicious PyPI packages.

THN reports "27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts"

Submitted by grigby1
