all InfoSec news
Dormant PyPI Package Updated to Deploy NovaSentinel Stealer
Feb. 22, 2024, 7:44 p.m. | Phylum Research Team
Phylum blog.phylum.io
On Wednesday, February 21, Phylum’s automated risk detection platform alerted us to an anomalous publication of a PyPI package named django-log-tracker. This package was first published to PyPI in April 2022. The linked Github repository shows activity around the same time. It’s interesting to note, though,
april automated deploy detection django february github github repository log package phylum platform pypi pypi package repository research risk stealer tracker
More from blog.phylum.io / Phylum
Python Package Installation Attacks
3 days, 22 hours ago |
blog.phylum.io
Python Trojan Functions and Imports
3 days, 22 hours ago |
blog.phylum.io
Python Package Spoofing
3 days, 22 hours ago |
blog.phylum.io
Series: How Malicious Python Code Gains Execution
3 days, 22 hours ago |
blog.phylum.io
Nation-State Threat Actors Renew Publications to npm
4 days, 15 hours ago |
blog.phylum.io
Q1 2024 Evolution of Software Supply Chain Security Report
1 week, 5 days ago |
blog.phylum.io
Rust crate shipping xz backdoor
2 weeks, 3 days ago |
blog.phylum.io
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Network Security Engineer
@ Meta | Menlo Park, CA | Remote, US
Security Engineer, Investigations - i3
@ Meta | Washington, DC
Threat Investigator- Security Analyst
@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
Security Operations Engineer II
@ Microsoft | Redmond, Washington, United States
Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas
@ Goldman Sachs | Dallas, Texas, United States