Recherche : [PyPI] - Cyberveille

Bad Actors Are Joining the AI Revolution: Here’s What We’ve Found in the Wild https://hackernoon.com/bad-actors-are-joining-the-ai-revolution-heres-what-weve-found-in-the-wild?source=rss

03/05/2023 10:05:36

Follow security researchers as they uncover malicious packages on open-source registries, trace bad actors to Discord, and unveil AI-assisted code.

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps” https://www.fortinet.com/blog/threat-research/supply-chain-attack-using-identical-pypi-packages-colorslib-httpslib-libhttps

16/01/2023 21:21:22

The FortiGuard Labs team discovered an attack embedded in three PyPI packages called ‘colorslib’, ‘httpslib’, and “libhttps”. Read our blog to learn more.

I scanned every package on PyPi and found 57 live AWS keys https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/

07/01/2023 22:21:04

After inadvertently finding that InfoSys leaked an AWS key on PyPi I wanted to know how many other live AWS keys may be present on Python package index. After scanning every release published to PyPi I found 57 valid access keys from organisations like:

Amazon themselves 😅
Intel
Stanford, Portland and Louisiana University
The Australian Government
General Atomics fusion department
Terradata
Delta Lake
And Top Glove, the worlds largest glove manufacturer 🧤

SentinelSneak: Malicious PyPI module poses as security software development kit https://blog.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk

21/12/2022 00:05:00

A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.

Phylum Detects Ongoing Typosquat/Ransomware Campaign in PyPI and NPM https://blog.phylum.io/phylum-detects-active-typosquatting-campaign-in-pypi

12/12/2022 15:55:58

Malicious packages that download ransomware binaries written in Golang published today, with more expected in the coming hours.

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method https://develop.secure.software/w4sp-continues-to-nest-in-pypi-same-supply-chain-attack-different-distribution-method

05/12/2022 12:13:20

Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.

Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack https://blog.phylum.io/phylum-discovers-dozens-more-pypi-packages-attempting-to-deliver-w4sp-stealer-in-ongoing-supply-chain-attack

02/11/2022 21:03:04

Last week, our automated risk detection platform alerted us to suspicious activity in dozens of newly published PyPI packages. Here's what we uncovered.

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks https://www.sentinelone.com/labs/pypi-phishing-campaign-juiceledger-threat-actor-pivots-from-fake-apps-to-supply-chain-attacks/

03/09/2022 11:24:16

A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.

Two more malicious Python packages in the PyPI https://securelist.com/two-more-malicious-python-packages-in-the-pypi/107218/

16/08/2022 19:41:05

We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.

PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables https://blog.sonatype.com/pypi-package-ctx-compromised-are-you-at-risk

25/05/2022 06:59:04

This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.

Malicious PyPI package opens backdoors on Windows, Linux, and Macs https://www.bleepingcomputer.com/news/security/malicious-pypi-package-opens-backdoors-on-windows-linux-and-macs/

21/05/2022 22:21:57

Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.

Liens par page

Filtres