Bleeping Computer

Python Package Installation Can Trigger Malicious Code

Although there is nothing special about code executing on a machine, the moment when this code is executed is a significant detail from a security standpoint. The Python programming language allows ...
Bleeping Computer

Malicious PyPI package with 37,000 downloads steals AWS keys

A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to ...
Threat Post

Serpent Backdoor Slithers into Orgs Using Chocolatey Installer

An unusual attack using an open-source package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies. Researchers have discovered a cyberattack ...