The packages mimic legitimate ones already uploaded to PyPI, an attack usually called typosquatting.
It relies on developers being reckless and picking up the malicious version of the package, instead of the legitimate one.
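The typosquatting mechanism described above is one a defender can check for mechanically before a package is ever installed. The following is an added example, not code from the article or from Checkmarx or Check Point: it parses a constructed requirements.txt, applies PyPI's PEP 503 name normalization, and flags any requested name that is within a small edit distance of a well-known package without being an exact match. The allowlist of popular names and the sample requirements file are constructed for the example; a real check would use a larger, maintained list.

```python
"""Flag dependency names that look like typosquats of well-known PyPI packages."""
import re

# Constructed allowlist of popular package names (an assumption for this example;
# a production check would pull a maintained list of top PyPI projects).
POPULAR_PACKAGES = {
    "requests", "urllib3", "numpy", "pandas", "colorama", "pyyaml",
    "cryptography", "setuptools", "boto3", "pillow",
}

# A requirement line starts with the project name; extras, version specifiers
# and markers follow it and are ignored here.
_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")


def normalize(name: str) -> str:
    """PEP 503 normalization as used by PyPI: lowercase, runs of -, _ and . become a single '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance (insert, delete, substitute), iterative DP with one row of state."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def parse_requirements(text: str) -> list[str]:
    """Extract bare project names from requirements.txt content, skipping comments and options."""
    names = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = _NAME_RE.match(line)
        if m:
            names.append(m.group(0))
    return names


def suspicious_names(names, allowlist=POPULAR_PACKAGES, max_distance: int = 2) -> dict[str, str]:
    """Return {normalized_requested_name: closest_popular_name} for near-misses.

    Exact matches against the allowlist are legitimate and are not reported.
    """
    canon = {normalize(p) for p in allowlist}
    flagged = {}
    for name in names:
        n = normalize(name)
        if n in canon:
            continue
        best = min(canon, key=lambda p: (levenshtein(n, p), p))
        if levenshtein(n, best) <= max_distance:
            flagged[n] = best
    return flagged


# Constructed sample input: two legitimate pins, three near-miss names, one unrelated package.
SAMPLE_REQUIREMENTS = """
# constructed sample requirements.txt
requests[socks]==2.31.0
reqeusts
numpy==1.26.4
pandsa>=2.0
colorma
PyYAML
django
"""


def check_sample() -> dict[str, str]:
    return suspicious_names(parse_requirements(SAMPLE_REQUIREMENTS))


if __name__ == "__main__":
    for requested, looks_like in check_sample().items():
        print(f"{requested!r} is within edit distance 2 of {looks_like!r}; verify before installing")
```

The distance threshold is deliberately small: a threshold of 2 catches swapped or dropped letters while keeping false positives low, and any hit is a prompt to review the package's PyPI page and maintainer rather than an automatic block.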
While Checkmarx says the attackers tried to upload some 365 packages, Check Point claims at least 500.
This infostealer grabs, among other things, passwords stored in browsers, cookies, and cryptocurrency wallet-related information.
It took the company the entire weekend to lift the suspension.
Via BleepingComputer