Developers’ Credentials Stolen via Typosquatted ‘Fabric’ Library. A malicious Python package that mimics a popular SSH automation library has been live on PyPi since 2021 and delivers payloads that steal credentials and create backdoors. The package steals AWS access and secret keys, sending them to a remote server operated through a VPN in Paris
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/malicious-python-package-exfiltrates-aws-credentials-a-26789
