all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection

Add to bookmarks
June 1, 2023, 12:16 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools.
"It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed," ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package

analyst application application security application security tools attack bypass bytecode code detection fact files malicious may novel package packages pypi pypi packages python python package python package index repository researchers reversinglabs security security tools supply supply chain supply chain attack tools

Visit resource

More from thehackernews.com / The Hacker News

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator 6 hours ago | thehackernews.com
addition administrator agency crime +17
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data 9 hours ago | thehackernews.com
academia access activists apt42 +32
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion 9 hours ago | thehackernews.com
attack back china china-linked hackers +16
New Case Study: The Malicious Comment 11 hours ago | thehackernews.com
case code comments discover +12
Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever) 12 hours ago | thehackernews.com
2fa 2-step verification 2sv accounts +18
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering 12 hours ago | thehackernews.com
alexander vinnik august btc btc-e +19
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution 1 day, 8 hours ago | thehackernews.com
cisco code code execution critical +21
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices 1 day, 8 hours ago | thehackernews.com
arcanedoor attack attack surface attack surface management +23
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs 1 day, 11 hours ago | thehackernews.com
business cyberattacks cybercriminals financial +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Engineer - DLP Endpoint Security

@ Netskope | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Consultant (m/w/d)

@ Deutsche Telekom | Berlin, Deutschland
View on infosec-jobs.com

Security Engineer

@ IDEMIA | Haarlem, NL, 2031 CC
View on infosec-jobs.com

CyberSecurity Forensics and Incident Response Analyst

@ Bosch Group | Pittsburgh, PA, United States
View on infosec-jobs.com

Cyber MS MDR - Sr Associate

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Lead Cybersecurity Architect-Threat modeling, Cryptography

@ JPMorgan Chase & Co. | India
View on infosec-jobs.com
View more jobs