all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox

Add to bookmarks
Feb. 27, 2023, 4:15 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news




Sonatype has been tracking an open source malware campaign developing over the weekend in which a threat actor is infiltrating the PyPI software registry with hundreds of malicious packages. These packages are being rapidly removed by the PyPI admins as they come up, but the behavior continues well into today.



Article Link: Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox


1 post - 1 participant


Read full topic

actor article campaign dropbox floods link malicious malicious packages malware malware campaign open source packages pypi registry software sonatype threat threat actor tracking trojan weekend windows

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps 59 minutes ago | malware.news
android android apps application applications +24
Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR an hour ago | malware.news
article blog community compass +11
Release Notes: YARA Search, New Rules, Config Extractors, and More 2 hours ago | malware.news
any.run april config data +22
2023 Activities Summary of SectorJ groups (KOR) 3 hours ago | malware.news
ransomware
ISC Stormcast For Thursday, May 2nd, 2024 https://isc.sans.edu/podcastdetail/8964, (Thu, May 2nd) 4 hours ago | malware.news
topic
Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways 6 hours ago | malware.news
ai threats article breach data +16
Analysis of TargetCompany’s Attacks Against MS-SQL Servers (Mallox, BlueSky Ransomware) 7 hours ago | malware.news
ahnlab analysis asec attacks +21
4 Easy Ways to Find Free Wi-Fi Anywhere You Go 8 hours ago | malware.news
can challenge coffee easy +10
AI's Offensive & Defensive Impacts 9 hours ago | malware.news
alto blog cybersecurity defensive +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs