Bleeping Computer

Malicious PyPI packages with over 10,000 downloads taken down

The Python Package Index (PyPI) registry has removed three malicious Python packages aimed at exfiltrating environment variables and dropping trojans on the infected machines. These malicious packages ...
ZDNet

Malicious Python libraries targeting Linux servers removed from PyPI

A security firm found three malicious Python libraries uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed on ...
Bleeping Computer

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...