Malicious PyPI, NPM packages facilitate data exfiltration

Sept. 28, 2023, 6:53 p.m. | SC Staff

SC Magazine feed for Threats www.scmagazine.com

Forty-five malicious NPM and PyPI packages have been deployed by threat actors to facilitate extensive data theft operations as part of a campaign that commenced on Sept. 12, according to BleepingComputer.

bleepingcomputer campaign data data exfiltration data theft exfiltration malicious malicious npm npm operations packages pypi pypi packages theft threat threat actors threat intelligence

Visit resource

More from www.scmagazine.com / SC Magazine feed for Threats

RSAC 2024: Outfoxing SSO: Bypassing modern authentication 5 hours ago | www.scmagazine.com

abuse adversary authentication bypass +14

Shortcomings of updated US critical infrastructure defense policy evaluated 13 hours ago | www.scmagazine.com

administration biden biden administration cloud +26

Widespread RCE compromise likely with critical TinyProxy bug 13 hours ago | www.scmagazine.com

attacks bug code code execution +24

Novel Cuckoo macOS infostealer features spyware capabilities 13 hours ago | www.scmagazine.com

application security arm attacks capabilities +15

ArcaneDoor attacks linked to Chinese threat actors 14 hours ago | www.scmagazine.com

arcanedoor attack attacks campaign +22

Beyond Threats: The Shift to Proactive MDR - Randy Watkins - RSA24 #2 23 hours ago | www.scmagazine.com

beyond mdr proactive rsa24 +2

Bots are Taking Over the Internet: What That Means for Security - Erez Hasson - … 23 hours ago | www.scmagazine.com

bots internet rsa24 security +1

CTEM: Understanding the essentials and why it matters - Zaira Pirzada - RSA24 #1 1 day, 23 hours ago | www.scmagazine.com

ctem rsa24 threat management understanding

Unpacking XDR: Coverage, Stitching, Aggregation – and the GenAI Wildcard - Oliver Tavakoli - RSA24 … 1 day, 23 hours ago | www.scmagazine.com

aggregation genai rsa24 threat management +3

Cyber Security Engineer I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com

Senior DevSecOps Engineer

@ Wisk Aero | Remote United States

View on infosec-jobs.com

Vulnerable Adult Investigator - Vice President

@ JPMorgan Chase & Co. | Chicago, IL, United States

View on infosec-jobs.com

Consultant Réseaux IT Digital Impulse - H/F

@ Talan | Paris, France

View on infosec-jobs.com

DevSecOps Engineer (Onsite)

@ Accenture Federal Services | Arlington, VA

View on infosec-jobs.com

Senior Security Engineer

@ Minitab | State College, Pennsylvania, United States

View on infosec-jobs.com

View more jobs

all InfoSec news

Malicious PyPI, NPM packages facilitate data exfiltration

More from www.scmagazine.com / SC Magazine feed for Threats

Jobs in InfoSec / Cybersecurity

Cyber Security Engineer I

Senior DevSecOps Engineer

Vulnerable Adult Investigator - Vice President

Consultant Réseaux IT Digital Impulse - H/F

DevSecOps Engineer (Onsite)

Senior Security Engineer