"Top Python Developers Hacked in Sophisticated Supply Chain Attack"

Checkmarx reports that multiple Python developers, including a Top.gg maintainer, were infected with information-stealing malware after downloading a malicious clone of a popular tool. Colorama, a tool that makes ANSI escape character sequences work on Windows, has over 150 million monthly downloads. The hackers cloned the tool, inserted malicious code into it, and put the malicious version on a fake mirror domain that used typosquatting to trick developers into thinking it was the legitimate 'files.pythonhosted.org' mirror. To spread the package, the attackers set up malicious repositories under their accounts. They hijacked high-profile accounts, such as the GitHub account 'editor-syntax,' which maintains the Top.gg search and discovery platform for Discord. This article continues to discuss the supply chain attack that has infected multiple Python developers.

SecurityWeek reports "Top Python Developers Hacked in Sophisticated Supply Chain Attack"

Submitted by grigby1