Malicious Packages Hidden in PyPI


The FortiGuard Labs team has identified a malicious PyPI package affecting all platforms where PyPI packages can be installed.

This discovery poses a significant risk to individuals and institutions that have installed these packages, potentially leading to the leakage of credentials and sensitive information. Given the high severity of this threat, it is crucial to focus on this specific PyPI package. This report discusses its potential impacts and emphasizes the importance of diligent security practices in managing software dependencies.

Read more…
Source: Fortinet


Sign up for our Newsletter


Related:

  • How Effective Is Your Insider Risk Program?

    September 3, 2024

    Insider threats continue to increase and make headlines. So, it is no surprise that many CISOs consider it a high priority to proactively identify and prevent these types of threats. In fact, research for the 2024 Voice of the CISO report from Proofpoint found that a third of CISOs globally see insider threats as their biggest ...

  • North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social Engineering Attacks

    September 3, 2024

    The Democratic People’s Republic of Korea (“DPRK” aka North Korea) is conducting highly tailored, difficult-to-detect social engineering campaigns against employees of decentralized finance (“DeFi”), cryptocurrency, and similar businesses to deploy malware and steal company cryptocurrency. North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence ...

  • Decoding the Puzzle: Cicada3301 Ransomware Threat Analysis

    September 3, 2024

    Cicada3301 ransomware, written in Rust, was first reported less than two months ago. Despite its recent emergence, Morphisec threat researchers have already identified striking similarities between Cicada3301 and the infamous BlackCat ransomware. Like its namesake, the Cicada puzzle, which has long been associated with complex, cyber-related problem-solving, the true identity of the Cicada3301 ransomware developers remains ...

  • Stone Wolf employs Meduza Stealer to hack Russian companies

    September 2, 2024

    BI.ZONE Threat Intelligence reports an increase in criminal activity employing commercial malware available on underground resources. Recently, the researchers identified a malicious campaign by a cluster later dubbed Stone Wolf. The adversaries send out phishing emails on behalf of a legitimate provider of industrial automation solutions. The goal of the attackers is to deliver Meduza Stealer ...

  • Head Mare: adventures of a unicorn in Russia and Belarus

    September 2, 2024

    Head Mare is a hacktivist group that first made itself known in 2023 on the social network X (formerly Twitter). In their public posts, the attackers reveal information about some of their victims, including organization names, internal documents stolen during attacks, and screenshots of desktops and administrative consoles. By analyzing incidents in Russian companies, Kaspersky researchers ...

  • Northern Ireland: Police Ombudsman sorry for ‘distressing’ data leak as investigation is launched

    September 1, 2024

    An investigation has been launched after a data breach led to the details of current and former Police Ombudsman staff members being accidently released. The Police Ombudsman (PONI) has apologised for the data leak incident involving 160 current and former staff. A document containing some of their personal details was “inadvertently released” to 22 people who ...