Tag: PyPI
-
VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools
ReversingLabs discovered a malicious PyPI package named VMConnect. The package imitated common Python tools & showed suspicious …
-
Malicious PyPI packages resemble a legitimate VMware vSphere connector
A malicious PyPI package called “VMConnect” was found on July 28 to have been designed to strongly resemble a legitimate VMware vSphere …
-
VMConnect: Python PyPI Threat Imitates Popular Modules
A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that …
-
This malicious PyPI package mixed source and compiled code to dodge detection
Researchers recently uncovered the following novel attack on the Python Package Index (PyPI). ReversingLabs detected a Python package in …
-
PyPI Strives to Pull Itself Out of Trouble
The Python Package Index (PyPI), is the most popular Python programming language software repository. It’s also a …
-
Universal 2FA implemented for PyPI project maintainers
All Python Package Index project maintainers have been required to adopt two-factor authentication by the end of the year in a bid to …
-
PyPI open-source code repository deals with manic malware maelstrom
Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the …
-
PyPI Shuts Down Over the Weekend, Says Incident Was Overblown
The climate of concern around open source security and supply chain attacks may have caused a small story to become a big …
-
PyPI Repository temporarily suspends user sign-ups and package uploads due to ongoing attacks
The Python Package Index (PyPI) maintainers have temporarily disabled the sign up and package upload processes due to an ongoing attack. …
-
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have …
-
New KEKW malware infects open-source Python Wheel files via a PyPI distribution
Malicious open-source Python .whl (Wheel) files were found distributing a new malware named KEKW that can steal sensitive information from …
-
‘Blatantly Obvious’: Spyware Offered to Cyberattackers via PyPI Python Repository
Malware-as-a-service hackers from Spain decided to use a public code repository to openly advertise their …
●●●