[sf-lug] Malware on PyPI repository

Bobbie Sellers bliss-sf4ever at dslextreme.com
Sat Dec 4 20:29:08 PST 2021



On 12/4/21 17:07, Akkana Peck wrote:
> Bobbie Sellers quotes an article::
>>>                  Malware downloaded from PyPI 41,000 times was
>>> surprisingly stealthy
> [ ... ]
>>>             Read the rest of the article at:<https://arstechnica.com/information-technology/2021/11/malware-downloaded-from-pypi-41000-times-was-surprisingly-stealthy/>
> It always amazes me how bad articles about malware are. In this case,
> not bothering to mention the names of the packages except for two.
>
> If you want to see the list of dangerous packages without sifting
> through all the comments to find it, it's at
> https://jfrog.com/blog/python-malware-imitates-signed-pypi-traffic-in-novel-exfiltration-technique/
>
>          ...Akkana
>
>

         Thanks Akkana!  Hope you will visit us at the meeting tomorrow.

         Bobbie Sellers









More information about the sf-lug mailing list