[sf-lug] Malware on PyPI repository
Bobbie Sellers
bliss-sf4ever at dslextreme.com
Sat Dec 4 20:29:08 PST 2021
On 12/4/21 17:07, Akkana Peck wrote:
> Bobbie Sellers quotes an article::
>>> Malware downloaded from PyPI 41,000 times was
>>> surprisingly stealthy
> [ ... ]
>>> Read the rest of the article at:<https://arstechnica.com/information-technology/2021/11/malware-downloaded-from-pypi-41000-times-was-surprisingly-stealthy/>
> It always amazes me how bad articles about malware are. In this case,
> not bothering to mention the names of the packages except for two.
>
> If you want to see the list of dangerous packages without sifting
> through all the comments to find it, it's at
> https://jfrog.com/blog/python-malware-imitates-signed-pypi-traffic-in-novel-exfiltration-technique/
>
> ...Akkana
>
>
Thanks Akkana! Hope you will visit us at the meeting tomorrow.
Bobbie Sellers
More information about the sf-lug
mailing list