Tag: pypi
-
Carding tool abusing WooCommerce API downloaded 34K times on PyPI
A newly discovered malicious PyPI package named ‘disgrasya’, which abuses legitimate WooCommerce stores to validate stolen credit cards, has been downloaded over 34,000 times from the open-source package platform. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/carding-tool-abusing-woocommerce-api-downloaded-34k-times-on-pypi/
-
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained a… First seen on…
-
Malicious PyPI Package Targets E-commerce Sites with Automated Carding Script
Cybersecurity researchers from Socket have exposed a malicious Python package on PyPI, named disgrasya, designed to automate credit card fraud against WooCommerce-based e-commerce sites. Unlike conventional supply chain attacks that rely on deception or typosquatting, disgrasya was overtly malicious, using PyPI purely as a distribution platform to reach a broad audience of fraudsters. The package specifically…
-
Thousands Impacted By Data Exfiltrating PyPI Packages
First seen on scworld.com. Jump to article: www.scworld.com/brief/thousands-impacted-by-data-exfiltrating-pypi-packages
-
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Tags: attack, cybersecurity, exploit, finance, fraud, group, Hardware, malware, open-source, pypi, ransomware, router, supply-chain, threat, tool
From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source First…
-
AI development pipeline attacks expand CISOs’ software supply chain risk
Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerability
Development pipelines are exacerbating software supply chain security problems. Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL). A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package. Commercial software packages are also a…
-
Malicious PyPI Packages Stole Cloud Tokens, Over 14,100 Downloads Before Removal
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as “time”-related utilities but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 in all. The…
-
New Cyber Attack Targets PyPI Users to Steal Cloud Tokens and Sensitive Data
A recent discovery by ReversingLabs researchers has unveiled a malicious campaign targeting users of the Python Package Index (PyPI), a popular platform for Python developers. The campaign involves malicious packages masquerading as time-related utilities that are designed to steal sensitive data, including cloud tokens. The attack highlights the increasing exposure of open-source repositories…
-
New PyPI Malware Targets Developers to Steal Ethereum Wallets
A recent discovery by the Socket Research Team has unveiled a malicious PyPI package named set-utils, designed to steal Ethereum private keys by exploiting commonly used account creation functions. This package masquerades as a utility for Python sets, mimicking popular libraries like python-utils and utils, thereby deceiving developers into installing it. Since its release it…
-
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that is equipped to steal a victim’s Ethereum private keys by impersonating popular libraries. The package in question is set-utils, which has received 1,077 downloads to date. It is no longer available for download from the official registry. “Disguised as a simple utility for…
-
Ethereum private key stealer on PyPI downloaded over 1,000 times
A malicious Python Package Index (PyPI) package named “set-utils” has been stealing Ethereum private keys by intercepting wallet creation functions and exfiltrating the keys via the Polygon blockchain. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/ethereum-private-key-stealer-on-pypi-downloaded-over-1-000-times/
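The three set-utils items above all describe the same mechanism: a package that, once imported, replaces a wallet-creation function with a wrapper that copies the freshly generated private key before returning it unchanged. The block below is an added example, not set-utils' own code and not code from any of the reports: it builds a stand-in `wallet` module, applies such a hook to it, and then shows the provenance check a defender can run against a real installed module. The exfiltration "channel" is a plain Python list; the reports say the real package pushed keys out through Polygon RPC transactions, which this example does not reproduce.

```python
"""Toy reproduction of the interception pattern the set-utils reports describe,
with a provenance check a defender can run against a real module.

Constructed example: the 'wallet' module and the hook are stand-ins, not
set-utils' own code. The exfiltration sink is a plain list; the reports say the
real package sent keys out through Polygon RPC transactions, which this does
not do.
"""
import functools
import secrets
import types

# Stand-in for the legitimate library (assumption: it exposes create_account()).
wallet = types.ModuleType("wallet")


def _create_account():
    """Return a fake account; a random hex string stands in for a real key."""
    priv = secrets.token_hex(32)
    return {"private_key": priv, "address": "0x" + priv[:40]}


_create_account.__module__ = "wallet"
wallet.create_account = _create_account

# Constructed sink standing in for the reported Polygon RPC exfiltration channel.
EXFIL_LOG = []


def hook_wallet(mod):
    """What a malicious import does: swap create_account for a wrapper that copies
    the key before handing the unchanged result back, so callers notice nothing."""
    original = mod.create_account

    @functools.wraps(original)
    def wrapped(*args, **kwargs):
        acct = original(*args, **kwargs)
        EXFIL_LOG.append(acct["private_key"])   # the theft happens here
        return acct                             # caller sees normal behaviour

    mod.create_account = wrapped


def looks_hooked(mod, name, expected_file=None):
    """True if mod.<name> shows signs of having been replaced by a wrapper.

    functools.wraps copies __name__ and __module__ from the original, so those
    attributes alone look clean. Three things it cannot hide: the __wrapped__
    attribute it sets, the code object's own co_name (still 'wrapped'), and
    co_filename, which points at the file the executing code was loaded from.
    """
    func = getattr(mod, name)
    code = getattr(func, "__code__", None)
    if hasattr(func, "__wrapped__"):
        return True
    if code is not None and code.co_name != func.__name__:
        return True
    if expected_file is not None and code is not None and code.co_filename != expected_file:
        return True
    return False


def demo():
    """Run the check before and after the hook; report whether the key leaked."""
    before = looks_hooked(wallet, "create_account")
    hook_wallet(wallet)
    acct = wallet.create_account()
    after = looks_hooked(wallet, "create_account")
    return before, after, EXFIL_LOG[-1] == acct["private_key"]


if __name__ == "__main__":
    print(demo())
```

Against a real installation the file comparison is the signal that matters: a key-generation function whose `co_filename` sits under a different package's directory in site-packages is exactly the pattern described above. The `__wrapped__` and `co_name` checks only catch wrappers built with `functools.wraps`; a hook that assigns a bare function will pass them, so they are a cheap first pass, not a guarantee.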
-
Infostealers spread via malicious DeepSeek-spoofing PyPI packages
First seen on scworld.com. Jump to article: www.scworld.com/brief/infostealers-spread-via-malicious-deepseek-spoofing-pypi-packages
-
New PyPI Archiving System Aims to Curb Open-Source Security Risks
First seen on scworld.com. Jump to article: www.scworld.com/brief/new-pypi-archiving-system-aims-to-curb-open-source-security-risks
-
Hackers impersonate DeepSeek to distribute malware
Tags: access, ai, api, attack, automation, breach, china, cloud, computer, credentials, cyberattack, data, hacker, infrastructure, leak, LLM, malicious, malware, ml, pypi, threat, tool, vulnerability
To make things worse than they already are for DeepSeek, hackers have been found flooding the Python Package Index (PyPI) repository with fake DeepSeek packages carrying malicious payloads. According to a discovery by the Positive Technologies Expert Security Center (PT ESC), a campaign used this trick to dupe unsuspecting developers, ML engineers, and AI enthusiasts looking…
-
Beware of Fake DeepSeek PyPI Packages That Deliver Malware
The Positive Technologies Expert Security Center (PT ESC) recently uncovered a malicious campaign targeting the Python Package Index (PyPI) repository. The campaign involved two packages, named deepseeek and deepseekai, designed to collect sensitive user data and environment variables. These packages exploited the growing interest in AI and machine learning tools, particularly targeting developers and AI…
-
Hackers Hide Malware in Fake DeepSeek PyPI Packages
Malicious DeepSeek packages on PyPI spread malware, stealing sensitive data like API keys. Learn how this attack targeted developers and how to protect yourself. First seen on hackread.com Jump to article: hackread.com/hackers-hide-malware-fake-deepseek-pypi-packages/
-
AI Malware Dressed Up as DeepSeek Packages Lurks in PyPI
Adversaries looking to ride the wave of DeepSeek interest are taking advantage of developers in a rush to deploy the new technology, using AI-generated malware against them. First seen on darkreading.com. Jump to article: www.darkreading.com/application-security/ai-malware-deepseek-packages-pypi
-
New PyPI project archiving system aims to curb open-source security risks
First seen on scworld.com. Jump to article: www.scworld.com/brief/new-pypi-project-archiving-system-aims-to-curb-open-source-security-risks
-
DeepSeek AI tools impersonated by infostealer malware on PyPI
Threat actors are taking advantage of the rise in popularity of DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/
-
DeepSeek’s popularity exploited to push malicious packages via PyPI
Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they … First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/02/03/deepseeks-popularity-exploited-to-push-malicious-packages-via-pypi/
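The DeepSeek items above (packages named deepseeek and deepseekai) and the earlier set-utils and bitcoinlib-dev items share one trait: a name built to resemble something a developer already trusts. The block below is an added example, not code from the PT ESC, Socket or ReversingLabs reports: a lookalike check run over a requirements file. The allow-list `TRUSTED` and the requirements text are constructed for the example; the suspicious names in it are the ones the reports cite, and `deepseek` appears in the allow-list only as the name the two lookalikes imitate, not as a claim that such a package exists on PyPI.

```python
"""Lookalike-name check over a requirements file.

Added example, not code from the PT ESC, Socket or ReversingLabs reports. The
allow-list and the requirements text are constructed; the package names in
the requirements are the ones the reports above cite (deepseeek, deepseekai,
bitcoinlib-dev, set-utils) mixed with ordinary dependencies.
"""
import re

# Assumption: the names this project is actually meant to depend on.
# 'deepseek' is included as the name the two DeepSeek lookalikes imitate.
TRUSTED = {"requests", "numpy", "python-utils", "utils", "bitcoinlib", "deepseek"}

# Constructed requirements file mixing legitimate pins with the reported names.
SAMPLE_REQUIREMENTS = """\
# pinned dependencies
requests==2.32.3
numpy>=1.26
python-utils==3.8
deepseeek
deepseekai==0.1.0
bitcoinlib-dev
set-utils
"""

_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")


def normalize(name):
    """PEP 503 normalization: case-fold and collapse runs of '-', '_' and '.'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a, b):
    """Levenshtein distance with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(name, trusted=TRUSTED, max_dist=2):
    """Return (trusted_name, reason) if name looks like a squat of a trusted name,
    None if it is trusted itself or does not resemble anything on the list."""
    n = normalize(name)
    pool = sorted(normalize(t) for t in trusted)
    if n in pool:
        return None
    best = min(pool, key=lambda t: edit_distance(n, t))
    d = edit_distance(n, best)
    if d <= max_dist:
        return best, f"edit distance {d}"
    for t in pool:
        if n.startswith(t) or n.endswith(t):
            return t, "trusted name embedded as prefix/suffix"
    return None


def check_requirements(text, trusted=TRUSTED):
    """Map each suspicious requirement name to its (trusted_name, reason).

    Comment lines and '-r'/'-e' options never match the name regex and are skipped;
    version specifiers and extras are cut off by the regex."""
    findings = {}
    for line in text.splitlines():
        m = _NAME_RE.match(line.strip())
        if not m:
            continue
        verdict = classify(m.group(0), trusted)
        if verdict:
            findings[m.group(0)] = verdict
    return findings


if __name__ == "__main__":
    for name, (target, why) in check_requirements(SAMPLE_REQUIREMENTS).items():
        print(f"{name}: resembles {target} ({why})")
```

The edit-distance threshold and the prefix/suffix rule are both heuristics: short trusted names such as `utils` make the suffix rule noisy, and a package like disgrasya, whose name resembles nothing, passes this check entirely, which is the point the Socket item above makes about it. Treat a hit as a reason to inspect the package, not as a verdict.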
-
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
The maintainers of the Python Package Index (PyPI) registry have announced a new feature that allows package developers to archive a project, as part of efforts to improve supply chain security. “Maintainers can now archive a project to let users know that the project is not expected to receive any more updates,” Facundo Tuesca, senior engineer…
-
PyPI adds project archiving system to stop malicious updates
The Python Package Index (PyPI) has announced the introduction of ‘Project Archival’, a new system that allows publishers to archive their projects, indicating to users that no further updates are to be expected. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/pypi-adds-project-archiving-system-to-stop-malicious-updates/
-
Breach Roundup: Researchers Find Flaws in Palo Alto Firewalls
Also: US prosecutors charge suspected North Korean IT worker collaborators. This week: researchers found Palo Alto firewall flaws, a North Korean IT worker conspiracy, and ChatGPT used as a DDoS vector; Chinese hackers targeted a VPN maker; a fake PyPI package surfaced; and a Russian threat actor shifted tactics. The BreachForums admin faces prison, and scammers used the release of…
-
Python administrator moves to improve software security
The administrators of the Python Package Index (PyPI) have begun an effort to improve the security of the hundreds of thousands of software packages it lists. The effort, which began earlier last year, aims to identify and stop malware-laced packages from proliferating across the open-source community that contributes and consumes Python software. As previously reported, hijacking Python…
-
Malicious npm and PyPI packages target Solana private keys to steal funds from victims’ wallets
Researchers found malicious npm and PyPI packages capable of stealing and deleting sensitive data from infected systems. Socket researchers identified multiple packages in the npm and Python Package Index (PyPI) repositories designed to target Solana private keys and drain funds from victims’ wallets. The malicious npm packages allowed the threat actors to exfiltrate Solana…
-
Hackers Weaponize Security Testing Services via Malicious npm, PyPI and Ruby Packages
Over the past year, malicious actors have abused OAST (out-of-band application security testing) services for data exfiltration, C2 channel establishment, and multi-stage attacks, delivered through compromised JavaScript, Python, and Ruby packages. OAST tools, originally built so that ethical researchers can observe network interactions from a target, can equally be used by threat actors for data exfiltration and pivot…
-
Beware of New Malicious PyPI Packages That Steal Login Details
Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted on November 16 and November 24, 2024, respectively, pose a significant threat to users through the malware techniques they employ. The findings underscore the importance of robust defenses against such threats. Malicious…
-
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named zebo and cometlogger, attracted 118 and 164 downloads respectively before they were taken down. First…