"Malicious PyPI Packages Using Compiled Python Code to Bypass Detection"

Researchers have uncovered a novel attack on the Python Package Index (PyPI), the official repository of third-party open-source Python projects. The attack uses compiled Python code to evade detection by application security tools. ReversingLabs analyst Karlo Zank noted that it may be the first supply chain attack to exploit the fact that Python bytecode (PYC) files can be directly executed. PYC files are compiled bytecode files generated by the Python interpreter when executing a Python program. The malicious fshec2 package was removed from the package registry on April 17, 2023, following responsible disclosure on the same date. This article continues to discuss the discovery of a novel attack on PyPI. 

THN reports "Malicious PyPI Packages Using Compiled Python Code to Bypass Detection"