11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells

19 November 2021

Cybersecurity researchers have uncovered as many as 11 malicious Python packages that have been cumulatively downloaded more than 41,000 times from the Python Package Index (PyPI) repository, and could be exploited to steal Discord access tokens, passwords, and even stage dependency confusion attacks. The Python packages have since been removed from the repository following responsible disclosure by DevOps firm JFrog — importantpackage / important-package pptest ipboards owlmoon DiscordSafety trrfab 10Cent10 / 10Cent11 yandex-yt yiffparty Two of the packages (“importantpackage,”

Read full article on The Hacker News

Date:

19 November 2021

Categorie(s):

NEWS

Tag(s):

Discord, Installing, Libraries, Malicious, Malware

HackCar – Attack AND Defense Playground For Automotive System11 May 2024
Dell says names, addresses leaked after hacker claims access to 49M records11 May 2024
Europol Hacked? IntelBroker Claims Major Law Enforcement Breach10 May 2024
Strengthening DDoS Protection with Threat Intelligence10 May 2024
Iran most likely to launch destructive cyber-attack against US – ex-Air Force intel analyst10 May 2024