Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.
Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demonstrated increasing functionality and refinement," hours after which they were removed and re-uploaded under different
A threat actor by the nameΒ Lolip0pΒ has uploaded three rogue packages to the Python Package Index (PyPI) repository that are designed to drop malware on compromised developer systems.
The packages β namedΒ colorslibΒ (versions 4.6.11 and 4.6.12),Β httpslibΒ (versions 4.6.9 and 4.6.11), andΒ libhttpsΒ (version 4.6.12) β by the author between January 7, 2023, and January 12, 2023. They have since been
Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering information-stealing malware on compromised developer machines.
Interestingly, while the malware goes by a variety of names like ANGEL Stealer, Celestial Stealer, Fade Stealer, Leaf $tealer, PURE Stealer, Satan Stealer, and @skid Stealer, cybersecurity company Phylum
Login
FreshRSS