Python Package Index
Coverage of Python Package Index in the Nexus archive.
- PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Cybersecurity researchers discovered three packages on the Python Package Index repository that deliver ZiChatBot malware on Windows and Linux systems. The packages implement described features but covertly deliver malicious files. Kaspersky reported the findings.
- Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package was published on the Python Package Index, delivering a credential-stealing payload targeting browsers and cloud services. The package is designed to steal sensitive information from users. This incident highlights the importance of verifying software packages before installation.
- Open source package with 1 million monthly downloads stole user credentials
An open-source package with over 1 million monthly downloads, element-data, was compromised when attackers exploited a vulnerability in the developers’ account workflow to steal signing keys and sensitive data. The malicious version 0.23.3, pushed to Python Package Index and Docker accounts, scoured systems for credentials before being removed 12 hours later.
- PyPI package with 1.1M monthly downloads hacked to push infostealer
A malicious version of the 'elementary-data' Python package on PyPI was pushed by an attacker to steal sensitive developer data and cryptocurrency wallets. The package, with 1.1 million monthly downloads, was compromised to distribute an infostealer.