Crypto Hijack Sparks Supply Chain Alert
Threat hunters have uncovered a set of seven Python packages designed to pilfer BIP39 mnemonic phrases used for cryptocurrency wallet recovery.
Threat hunters have uncovered a set of seven Python packages designed to pilfer BIP39 mnemonic phrases used for cryptocurrency wallet recovery.
The Lazarus hacking group recently attempted to infect developer systems by uploading four malware-infected packages to the Python Package Index repository.
A previously dormant package on the Python Package Index (PyPI) called django-log-tracker has resurfaced after almost two years, but with a malicious update.
Cybersecurity researchers have identified two malicious packages on the Python Package Index (c) repository employing DLL side-loading to evade detection.
Three malicious Python packages were identified on the Python Package Index (PyPI), collectively garnering 431 downloads within a month before being removed.
A wave of malicious npm and PyPI packages has emerged, posing a serious threat to software developers. This campaign, which commenced on September 12
A malicious software package posing as the legitimate VMware vSphere connector module 'vConnector' has been found on the Python Package Index