all InfoSec news
More than 200 cryptomining packages flood npm and PyPI registry
Security Boulevard securityboulevard.com
Sonatype has spotted 186 malicious packages flooding the npm registry today. These packages infect Linux hosts with cryptominers by downloading a malicious Bash script from the threat actor's server via the Bitly URL shortener service. Our discovery follows another researcher's discovery of 55 PyPI packages from this week, that also pull crypto miners in an identical fashion from the same offending URL.
The post More than 200 cryptomining packages flood npm and PyPI registry appeared first on Security Boulevard.
cryptomining devzone featured flood malware prevention nexus firewall npm pypi registry vulnerabilities