PyPI repo poisoned with "Colour-Blind" RAT
ReversingLabs Blog blog.reversinglabs.com
Malicious actors are increasingly dropping malware packages into open-source software repositories in the hope that developers will spread that malicious code throughout their applications. The latest case in point: Kroll's recent discovery of a full-featured information stealer and remote access trojan (RAT) in the Python Package Index (PyPI).