A malicious package on the Python Package Index (PyPi) has been quietly exfiltrating Amazon Web Service credentials from developers for over three years, a new report from cybersecurity researchers at Socket has revealed. The package βfabriceβ is a typosquat of the popular Python library βfabricβ used for executing remote shell commands. It has been downloaded more than […]
This article has been indexed from Information Security Buzz