all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How two Python and PHP dependencies, ctx and Phpass, became malware that stole secrets and credentials

Add to bookmarks
May 25, 2022, 1:37 a.m. |

LunaTrace Blog www.lunasec.io

A security expert's analysis of the malicious code added to ctx and Phpass, Python and PHP dependencies, that turned them into malware by sending environment variables and credentials to a third party attacker.

credentials ctx dependencies malware php python secrets

Visit resource

More from www.lunasec.io / LunaTrace Blog

LunaSec + AI = LunaBrain - Our new blog series on AI 1 year ago | www.lunasec.io
ai ai models blog build +8
Cerebras-GPT vs LLaMA AI Model Comparison 1 year, 1 month ago | www.lunasec.io
ai ai model ai models gpt +4
OpenAI Vendor Lock-in: The Ironic Story of How OpenAI Went from Open Source to "Open … 1 year, 1 month ago | www.lunasec.io
lock openai open source relationship +4
Drowning in Vulnerabilities? 1 year, 2 months ago | www.lunasec.io
appsec fix learn matter +2
Use the CSSStyleSheets API in a React App 1 year, 2 months ago | www.lunasec.io
api app application css +2
LunaTrace Your Repos for Known Exploited Vulnerabilities 1 year, 3 months ago | www.lunasec.io
cisa critical critical vulnerabilities exploited +9
What is EPSS? A new rating system for exploitability of vulnerabilities. 1 year, 5 months ago | www.lunasec.io
system vulnerabilities what is
Text4Shell: A Vulnerability in Java library Apache Commons Text (CVE-2022-42889, Act4Shell) 1 year, 6 months ago | www.lunasec.io
apache apache commons apache commons text commons +9
Security Guide for Startups: How to think about security while moving quickly 1 year, 9 months ago | www.lunasec.io
guide moving security security guide +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

DevSecOps Engineer

@ LinQuest | Beavercreek, Ohio, United States
View on infosec-jobs.com

Senior Developer, Vulnerability Collections (Contractor)

@ SecurityScorecard | Remote (Turkey or Latin America)
View on infosec-jobs.com

Cyber Security Intern 03416 NWSOL

@ North Wind Group | RICHLAND, WA
View on infosec-jobs.com

Senior Cybersecurity Process Engineer

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Sr. Manager, Cybersecurity and Info Security

@ AESC | Smyrna, TN 37167, Smyrna, TN, US | Santa Clara, CA 95054, Santa Clara, CA, US | Florence, SC 29501, Florence, SC, US | Bowling Green, KY 42101, Bowling Green, KY, US
View on infosec-jobs.com
View more jobs