[sf-lug] Malware on PyPI repository
Akkana Peck
akkana at shallowsky.com
Sat Dec 4 17:07:25 PST 2021
Bobbie Sellers quotes an article::
> > Malware downloaded from PyPI 41,000 times was
> > surprisingly stealthy
[ ... ]
> > Read the rest of the article at:<https://arstechnica.com/information-technology/2021/11/malware-downloaded-from-pypi-41000-times-was-surprisingly-stealthy/>
It always amazes me how bad articles about malware are. In this case,
not bothering to mention the names of the packages except for two.
If you want to see the list of dangerous packages without sifting
through all the comments to find it, it's at
https://jfrog.com/blog/python-malware-imitates-signed-pypi-traffic-in-novel-exfiltration-technique/
...Akkana
More information about the sf-lug
mailing list