all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox

Add to bookmarks
Feb. 27, 2023, 4:09 a.m. | Ax Sharma

Security Boulevard securityboulevard.com




Sonatype has been tracking an open source malware campaign developing over the weekend in which a threat actor is infiltrating the PyPI software registry with hundreds of malicious packages. These packages are being rapidly removed by the PyPI admins as they come up, but the behavior continues well into today.


The post Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox appeared first on Security Boulevard.

actor campaign dropbox featured floods malicious malicious packages malware malware analysis malware campaign open source packages pypi registry software sonatype threat threat actor tracking trojan vulnerabilities weekend windows

Visit resource

More from securityboulevard.com / Security Boulevard

Lawsuits After Ransomware on the Rise, Comparitech Says 3 hours ago | securityboulevard.com
attacks companies cost of data breach cyberlaw +24
Product Release: PreVeil 5.0 4 hours ago | securityboulevard.com
list page product product release +5
What’s hot at RSAC 2024: 8 SSCS talks you don’t want to miss 6 hours ago | securityboulevard.com
appsec & supply chain security cisos development don +16
It’s 3am… Do You Know Where Your Data Is? 7 hours ago | securityboulevard.com
3am blog data security +2
Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack 9 hours ago | securityboulevard.com
adaptive security alto asa attack +29
Venafi Launches 90-Day TLS Certificate Renewal Initiative 9 hours ago | securityboulevard.com
application security appsec certificate certificate management +26
Hyperproof and ServiceNow: Elevating Enterprise Control Orchestration with Better Task Management 9 hours ago | securityboulevard.com
blog posts business compliance compliance operations +17
Data Breaches in April 2024 – Infographic 13 hours ago | securityboulevard.com
april big breaches cyber attacks +10
Intel 471 Acquires Cyborg Security to Expand Its Cyber Threat Intelligence Portfolio with Innovative Threat … 14 hours ago | securityboulevard.com
actor advanced april blog +26

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs