Malicious packages found to be typo-squatting in Python Package Index
6y agoen
Source
A summary of two malicious typo-squatting packages recently removed from the Python Package Index.
You might also wanna read
Hacker uses Trojanized Python and PHP Packages to Steal AWS Keys
Packetlabs·4y ago
PyPI Implements New Security Measures to Prevent ZIP Parser Confusion Attacks
The Python Package Index (PyPI) is implementing new restrictions to safeguard Python package installers from ZIP parser confusion attacks. T
Typosquatted npm Package Delivers Windows RAT with Encrypted C2 and Registry Persistence
A malware campaign targets Windows systems via a typosquatted npm package called postcss-minify-selector-parser, disguised as the legitimate
cybersecuritynews.com·13d agoPyPI Supply Chain Attacks Expand: New Malicious Packages Target Bioinformatics and MCP Developers
Socket Threat Research team identified a new wave of PyPI supply chain attacks (Mini Shai-Hulud, Miasma, and Hades) that has expanded beyond
TanStack NPM Packages Compromised
github.com·1mo ago
Glassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code
The Glassworm threat actor has returned with a new wave of supply chain attacks using invisible Unicode characters to compromise software re
aikido.dev·3mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.