Tag: Packages
-
Researchers Uncover 7000 Malicious Open Source Packages
Security vendor Sonatype detected 6933 malicious open source packages in the month of March alone, bringing the total discovered since 2019 …
-
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious …
-
Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries
Cybersecurity researchers are warning of “imposter packages” mimicking popular libraries available on the Python Package Index (PyPI) …
-
700+ Malicious Open-Source Packages Found in npm and PyPI
Last month, security researchers at Sonatype caught 691 malicious packages in the npm registry and 49 in the PyPI …
-
Researchers Hijack Popular NPM Package with Millions of Downloads
A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. “The package can …
-
Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!
Malicious actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an attempt …
-
Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys
ReversingLabs has published an advisory to share details of a malicious package discovered in the PyPI (Python Package Index) while …
-
Researchers Uncover 700+ Malicious Open Source Packages
Security researchers have discovered another sizeable haul of malicious packages on the npm and PyPI open source registries, which could …
-
Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages
Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including …
-
DOE Lab, U2opia Sign Cybersecurity Tech Licensing Package Deal
Oak Ridge National Laboratory has granted U2opia Technology exclusive licensing rights to a pair of tools designed to support cybersecurity …
-
Poisoned Lolip0p PyPI Packages
On the Python Package Index, three new fake packages, colorslib, httpslib, and libhttps, have appeared with malware. Wasn’t it only a few …
-
Malicious PyPI Packages Drop Malware in New Supply Chain Attack
The malicious packages were uploaded by a threat actor using the alias “Lolip0p,” who dropped info-stealing malware on targeted …