-
Japan warns of malicious PyPi packages created by North Korean hackers
Japan's Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware.
- February 28, 2024
- 10:04 AM
0
-
SSH keys stolen by stream of malicious PyPI and npm packages
A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software developers on the platforms.
- September 27, 2023
- 05:48 PM
1
-
Lazarus hackers deploy fake VMware PyPI packages in VMConnect attacks
North Korean state-sponsored hackers have uploaded malicious packages to the PyPI (Python Package Index) repository, camouflaging one of them as a VMware vSphere connector module named vConnector.
- August 31, 2023
- 02:47 PM
- 0
-
Fake VMware vConnector package on PyPI targets IT pros
A malicious package that mimics the VMware vSphere connector module 'vConnector' was uploaded on the Python Package Index (PyPI) under the name 'VMConnect,' targeting IT professionals.
- August 04, 2023
- 07:37 AM
- 0
-
PyPI announces mandatory use of 2FA for all software publishers
The Python Package Index (PyPI) has announced that it will require every account that manages a project on the platform to have two-factor authentication (2FA) turned on by the end of the year.
- May 28, 2023
- 10:09 AM
- 0
-
PyPI temporarily pauses new users, projects amid high volume of malware
PyPI, the official third-party registry of open source Python packages has temporarily suspended new users from signing up, and new projects from being uploaded to the platform until further notice. The unexpected move comes amid the registry's struggle to upkeep with a large influx of malicious users and packages
- May 20, 2023
- 09:19 PM
- 0
-
Python info-stealing malware uses Unicode to evade detection
A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised devices.
- March 23, 2023
- 11:09 AM
- 0
-
451 PyPI packages install Chrome extensions to steal crypto
Over 450 malicious PyPI python packages were found installing malicious Chromium browser extensions to hijack cryptocurrency transactions made through browser-based crypto wallets and websites.
- February 13, 2023
- 02:46 PM
- 0
-
Devs targeted by W4SP Stealer malware in malicious PyPi packages
Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers.
- February 12, 2023
- 10:12 AM
- 0
-
Malicious ‘Lolip0p’ PyPi packages install info-stealing malware
A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing malware on developers' systems.
- January 16, 2023
- 11:41 AM
- 1
-
Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls
Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access.
- January 07, 2023
- 10:12 AM
- 0
-
PyTorch discloses malicious dependency chain compromise over holidays
PyTorch has identified a malicious dependency with the same name as the framework's 'torchtriton' library. This has led to a successful compromise via the dependency confusion attack vector.
- January 01, 2023
- 01:26 AM
- 1
-
Hackers bombard PyPi platform with information-stealing malware
The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to the platform to steal software developers' data.
- December 20, 2022
- 01:42 PM
- 0
-
Malicious ‘SentinelOne’ PyPI package steals data from developers
Threat actors have published a malicious Python package on PyPI, named 'SentinelOne,' that pretends to be the legitimate SDK client for the trusted American cybersecurity firm but, in reality, steals data from developers.
- December 19, 2022
- 12:00 PM
- 0
-
Dozens of PyPI packages caught dropping 'W4SP' info-stealing malware
Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware.
- November 02, 2022
- 01:21 PM
- 0
-
PyPI packages hijacked after developers fall for phishing emails
A phishing campaign caught yesterday was seen targeting maintainers of Python packages published to the PyPI registry. Python packages 'exotel' and 'spam' are among hundreds seen laced with malware after attackers successfully compromised accounts of maintainers who fell for the phishing email.
- August 25, 2022
- 07:18 AM
- 0
-
Malicious PyPi packages turn Discord into password-stealing malware
A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox.
- August 17, 2022
- 12:11 PM
- 0
-
Malicious PyPi packages aim DDoS attacks at Counter-Strike servers
A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server.
- August 15, 2022
- 06:03 PM
- 0
-
10 malicious PyPI packages found stealing developer's credentials
Threat analysts have discovered ten malicious Python packages on the PyPI repository, used to infect developer's systems with password-stealing malware.
- August 09, 2022
- 01:02 PM
- 0
-
PyPI mandates 2FA for critical projects, developer pushes back
On Friday, the Python Package Index (PyPI), repository of open source Python projects announced plans to rollout two factor authentication for maintainers of "critical" projects. Although many praised the move, the developer of a popular Python project decided to delete his code from PyPI in retaliation.
- July 09, 2022
- 12:31 PM
- 12
- 1
- 2
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 5.0.17.995M+ Downloads
-
Version: 4.14.12M+ Downloads
-
McAfee Consumer Products Removal tool
Version: NA442,274 Downloads -
Version: 8.4.0.056M+ Downloads
-
Version: 1.4.1.101724,974 Downloads
