PyPI

Developers Targeted With Malware Disguised as DeepSeek Package

DeepSeek, Malware, Malware & Threats, PyPI, Python /

Developers Targeted With Malware Disguised as DeepSeek Package 2025-02-04 at 14:03 By Eduard Kovacs Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI. The post Developers Targeted With Malware Disguised as DeepSeek Package appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

Developers Targeted With Malware Disguised as DeepSeek Package Read More »

DeepSeek’s popularity exploited to push malicious packages via PyPI

data theft, DeepSeek, Don't miss, Hot stuff, Malware, News, Positive Technologies, PyPI, Python /

DeepSeek’s popularity exploited to push malicious packages via PyPI 2025-02-03 at 15:33 By Zeljka Zorz Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they have been downloaded 36 times. The malicious packages The attack started

React to this headline:

Loading spinner

DeepSeek’s popularity exploited to push malicious packages via PyPI Read More »

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI

Malware & Threats, PyPI, Python /

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI 2024-10-02 at 15:46 By Ionut Arghire Multiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI. The post Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI Read More »

Malware Upload Attack Hits PyPI Repository

Checkmarx, Malware & Threats, PyPI, Supply Chain Security /

Malware Upload Attack Hits PyPI Repository 2024-03-28 at 20:31 By Ryan Naraine Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration to mitigate a malware upload campaign. The post Malware Upload Attack Hits PyPI Repository appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Malware Upload Attack Hits PyPI Repository Read More »

Securing software repositories leads to better OSS security

CISA, Don't miss, framework, GitHub, Hot stuff, Malware, News, open source, OpenSSF, PyPI /

Securing software repositories leads to better OSS security 2024-03-04 at 14:03 By Zeljka Zorz Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the package developer’s

React to this headline:

Loading spinner

Securing software repositories leads to better OSS security Read More »

PyPI Packages Found to Expose Thousands of Secrets

Application Security, PyPI /

PyPI Packages Found to Expose Thousands of Secrets 14/11/2023 at 15:16 By Ionut Arghire GitGuardian discovered roughly 4,000 secrets in nearly 3,000 PyPI packages, including Azure, AWS, and GitHub keys. The post PyPI Packages Found to Expose Thousands of Secrets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

PyPI Packages Found to Expose Thousands of Secrets Read More »

Over 45 thousand Users Fell Victim to Malicious PyPI Packages

All, Creal Stealer, Credit card, darkweb, Discord Webhook, Evilpip, GitHub, Google Chrome, Hazard Token Grabber, HTTP GET, infostealer, KEKW, Malware, phishing, PyPI, Python Package Index, Python Packages, Reaquests, Requests, Third party software, Threat Actors, Threat Intelligence, Tikcock Grabber, W4SP Stealer /

Over 45 thousand Users Fell Victim to Malicious PyPI Packages 09/06/2023 at 12:31 By cybleinc Through the analysis of more than 160 malicious Python packages, CRIL reveals insights into the threat landscape associated with Python packages. The post Over 45 thousand Users Fell Victim to Malicious PyPI Packages appeared first on Cyble. This article is

React to this headline:

Loading spinner

Over 45 thousand Users Fell Victim to Malicious PyPI Packages Read More »

PyPI Enforcing 2FA for All Project Maintainers to Boost Security

2FA, Identity & Access, PyPI /

PyPI Enforcing 2FA for All Project Maintainers to Boost Security 30/05/2023 at 17:06 By Ionut Arghire PyPI will require all accounts that maintain a project to enable two-factor authentication (2FA) by the end of 2023. The post PyPI Enforcing 2FA for All Project Maintainers to Boost Security appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

PyPI Enforcing 2FA for All Project Maintainers to Boost Security Read More »

New KEKW Malware Variant Identified in PyPI Package Distribution

.whl, 7Star, Amigo, Bitcoin, Brave, Cent Browser, Chrome, Clipper, cryptocurrecy, cybercrime, darkweb, Epic browser, fake app, Firefox, Google Chrome, Grabber, Info stealer, Iridium, KEKW, Kometa, Malware, Microsoft, Microsoft Edge, Minecraft, Orbitum, PyPI, Python, pythonsqlitetool, Roblox, Sputnik, Threat Intelligence, Torch, Video games, Vivaldi, Windows, Yandex /

New KEKW Malware Variant Identified in PyPI Package Distribution 07/05/2023 at 18:24 By cybleinc CRIL analyzes a new KEKW Malware variant with stealer & Clipper functionalities being distributed via PyPI Packages. The post New KEKW Malware Variant Identified in PyPI Package Distribution appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

New KEKW Malware Variant Identified in PyPI Package Distribution Read More »

Scroll to Top