all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

PyPI paused as automated attack overwhelms admins

Add to bookmarks
May 23, 2023, 2:35 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news


PyPI came under attack from bots at the weekend. Bad actors were trying to submit malicious packages with names similar to established dependencies.


It’s yet another scary illustration of the fragility inherent in our software supply chains. In this week’s Secure Software Blogwatch, we look deeper.


Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: For Doom fans.


[ Related repo news: RATs found hiding in the npm attic ]


Python team needs a …

attack automated bad bad actors bits bots dependencies malicious malicious packages names packages paused pypi scary secure software secure software blogwatch software software supply chains supply supply chains under weekend

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Ghost Locker 2.0: The Evolving Threat of Ransomware-as-a-Service Unveiled by GhostSec 22 minutes ago | malware.news
affiliates as-a-service framework ghost +15
OpenMetadata Vulnerabilities Allow Attackers to Cryptomine in Kubernetes Environments 22 minutes ago | malware.news
attackers blog critical critical vulnerabilities +17
Cannabis investment scam JuicyFields ends in 9 arrests 42 minutes ago | malware.news
arrested arrests cannabis distribution +16
New PowerShell Script Tracer: Analyze PowerShell Execution an hour ago | malware.news
administrators any.run attacks can +18
The Global Codebashing AppSec Training Initiative by Checkmarx and OWASP an hour ago | malware.news
application application security appsec checkmarx +8
Checkmarx and OWASP Launch First-ever Global Codebashing Learning Initiative an hour ago | malware.news
access adoption application application security +23
Compliance Through Vigilance; SOCRadar XTI for Compliant Organizations 2 hours ago | malware.news
age assets aware businesses +16
DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware 2 hours ago | malware.news
campaign dropper droppers east +15
Security Advisory – Vulnerabilities in Fortinet 3 hours ago | malware.news
advisory attacker code cve +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Engineer

@ Alstom | Charleroi, BE
View on infosec-jobs.com

Member of Compliance, Information Technology

@ Anchorage Digital | United States
View on infosec-jobs.com

Information Security Consultant (GRC) - Cumulus Systems

@ Hitachi | (HIL) DELHI - RHQ
View on infosec-jobs.com

Security Engineer

@ EarnIn | Mexico
View on infosec-jobs.com
View more jobs