10 Credential Stealing Python Libraries Found on PyPI Repository

In what’s yet another instance of malicious packages creeping into public code repositories, 10 modules have been removed from the Python Package Index (PyPI) for their ability to harvest critical data points such as passwords and Api tokens.
The packages “install info-stealers that enable attackers to steal developer’s private data and personal credentials,” Israeli cybersecurity firm Check

This article has been indexed from The Hacker News

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!