"New PyPI Package Zlibxjson Steals Discord, Browser Data"

A malicious package named "zlibxjson version 8.2," has been discovered in the PyPI repository. The package was detected by Fortinet's Artificial Intelligence (AI)-powered OSS malware detection system on July 3, 2024, closely following its release on June 29, 2024. The package downloaded multiple files, including a PyInstaller-packed executable (.exe) that revealed several Python and DLL files when unpacked. This article continues to discuss findings regarding the new malicious PyPI package.

Infosecurity Magazine reports "New PyPI Package Zlibxjson Steals Discord, Browser Data"

Submitted by grigby1

Submitted by Gregory Rigby on