A sophisticated malicious package campaign has emerged targeting Python and NPM users across Windows and Linux platforms through an unusual cross-ecosystem attack strategy. The campaign exploits typo-squatting and name confusion tactics against popular packages including colorama, a widely-used Python library for terminal color control, and the similar colorizr JavaScript package on NPM. The attack represents […]
The post New PyPI Supply Chain Attacks Python & NPM Users on Windows and Linux appeared first on Cyber Security News.
This article has been indexed from Cyber Security News