Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users’ Google Cloud credentials from a narrow pool of victims.
The package, named “lr-utils-lib,” attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024.
“The malware uses a
The package, named “lr-utils-lib,” attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024.
“The malware uses a
React to this headline: