all InfoSec news
VMConnect: Malicious PyPI packages imitate popular open source modules
Malware Analysis, News and Indicators - Latest topics malware.news
ReversingLabs has identified several malicious Python packages on the Python Package Index (PyPI) open source repository. In all, ReversingLabs researchers uncovered 24 malicious packages imitating three, popular open source Python tools: vConnector, a wrapper module for pyVmomi VMware vSphere bindings; as well as eth-tester, a collection of tools for testing ethereum based applications; and databases, a tool that gives asyncro support for a range of databases.
Based on the research team's observations, the campaign began on or around July …
collection eth ethereum malicious malicious packages modules open source package packages popular pypi pypi packages python python package python package index python tools repository researchers reversinglabs testing tools vmware vmware vsphere vsphere wrapper