all InfoSec news
Multiple malicious packages in PyPI repository found stealing AWS secrets
Security Affairs securityaffairs.co
Researchers discovered multiple malicious Python packages in the official PyPI repository stealing AWS credentials and other info. Sonatype researchers discovered multiple Python packages in the official PyPI repository that have been developed to steal secrets (i.e. AWS credentials and environment variables) and also upload these to a publicly exposed endpoint. The malicious packages, which were […]
The post Multiple malicious packages in PyPI repository found stealing AWS secrets appeared first on Security Affairs.
aws breaking news hacking hacking news information security news it information security malicious malicious packages pierluigi paganini pypi pypi malicious packages repository secrets security stealing