all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems

Add to bookmarks
Jan. 17, 2023, 6:36 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository that are designed to drop malware on compromised developer systems.
The packages – named colorslib (versions 4.6.11 and 4.6.12), httpslib (versions 4.6.9 and 4.6.11), and libhttps (version 4.6.12) – by the author between January 7, 2023, and January 12, 2023. They have since been

actor author compromised developer january malware name package packages pypi pypi packages python python package python package index repository researchers rogue rogue packages systems threat threat actor uncover version

Visit resource

More from thehackernews.com / The Hacker News

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack an hour ago | thehackernews.com
alto attack bugs critical +22
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks 2 hours ago | thehackernews.com
attacks can critical critical update +25
BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool 17 hours ago | thehackernews.com
actor asia attack backdoor +15
How Attackers Can Own a Business Without Touching the Endpoint 20 hours ago | thehackernews.com
apps attack attackers attack techniques +14
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers 20 hours ago | thehackernews.com
akira akira ransomware america businesses +19
Hackers Target Middle East Governments with Evasive "CR4T" Backdoor 1 day, 1 hour ago | thehackernews.com
backdoor campaign cybersecurity cybersecurity company +15
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade 1 day, 17 hours ago | thehackernews.com
analysis called cisco cisco talos +22
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor 1 day, 17 hours ago | thehackernews.com
auto auto industry automotive automotive industry +17
Recover from Ransomware in 5 Minutes—We will Teach You How! 1 day, 20 hours ago | thehackernews.com
attack back can cdp +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cyber Security Architect - SR

@ ERCOT | Taylor, TX
View on infosec-jobs.com

SOC Analyst

@ Wix | Tel Aviv, Israel
View on infosec-jobs.com

Associate Director, SIEM & Detection Engineering(remote)

@ Humana | Remote US
View on infosec-jobs.com

Senior DevSecOps Architect

@ Computacenter | Birmingham, GB, B37 7YS
View on infosec-jobs.com
View more jobs