"Malware Upload Attack Hits PyPI Repository"

To mitigate a malware upload campaign, the Python Package Index (PyPI) repository's maintainers suspended user registration and the creation of new projects. Checkmarx warns that multiple malicious Python packages are being distributed using typosquatting methods. According to researchers, this is a multi-stage attack with a malicious payload aimed at stealing cryptocurrency wallets, sensitive data from browsers, and more. Researchers have also reported that the malicious payload uses a persistence mechanism to survive reboots. This article continues to discuss the malware campaign and PyPI maintainers' efforts to block it. 

SecurityWeek reports "Malware Upload Attack Hits PyPI Repository"

Submitted by grigby1

Submitted by Gregory Rigby on