all InfoSec news
Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox
Malware Analysis, News and Indicators - Latest topics malware.news
Sonatype has been tracking an open source malware campaign developing over the weekend in which a threat actor is infiltrating the PyPI software registry with hundreds of malicious packages. These packages are being rapidly removed by the PyPI admins as they come up, but the behavior continues well into today.
Article Link: Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox
1 post - 1 participant
actor article campaign dropbox floods link malicious malicious packages malware malware campaign open source packages pypi registry software sonatype threat threat actor tracking trojan weekend windows