all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

Add to bookmarks
June 27, 2022, 5:58 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint.
The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as

aws caught keys python secrets stealing

Visit resource

More from thehackernews.com / The Hacker News

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade 10 hours ago | thehackernews.com
analysis called cisco cisco talos +22
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor 11 hours ago | thehackernews.com
auto auto industry automotive automotive industry +17
Recover from Ransomware in 5 Minutes—We will Teach You How! 14 hours ago | thehackernews.com
attack back can cdp +21
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks 14 hours ago | thehackernews.com
analysis android android trojan called +16
How to Conduct Advanced Static Analysis in a Malware Sandbox 14 hours ago | thehackernews.com
advanced analysis can dynamic +17
Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide 14 hours ago | thehackernews.com
arrested as-a-service called crackdown +14
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes 19 hours ago | thehackernews.com
access april critical critical vulnerabilities +25
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor 20 hours ago | thehackernews.com
actor ads backdoor campaign +16
Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks 1 day, 11 hours ago | thehackernews.com
advanced advanced persistent threat apt apt44 +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Consultant- Governance, Risk, and Compliance team

@ EY | Tel Aviv, IL, 6706703
View on infosec-jobs.com

Professional Services Consultant

@ Zscaler | Escazú, Costa Rica
View on infosec-jobs.com

IT Security Analyst

@ Briggs & Stratton | Wauwatosa, WI, US, 53222
View on infosec-jobs.com

Cloud DevSecOps Engineer - Team Lead

@ Motorola Solutions | Krakow, Poland
View on infosec-jobs.com
View more jobs