A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that closely imitate three popular open-source tools: vConnector, eth-tester and databases.
Source: Infosecurity
VMConnect: Python PyPI Threat Imitates Popular Modules
- Okta Warns of Credential Stuffing Attacks Using Proxy Services
- Android Malware Brokewell With Complete Device Takeover Capabilities
- Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware
- Prompt Fuzzer: Open-source tool for strengthening GenAI apps
- How insider threats can cause serious security breaches