Python Package Installation Can Trigger Malicious Code | September 4, 2018 | https://www.bleepingcomputer.com/ne...kage-installation-can-trigger-malicious-code/
Twelve malicious Python libraries found and removed from PyPI | October 27, 2018 | https://www.zdnet.com/article/twelve-malicious-python-libraries-found-and-removed-from-pypi/
Malicious Python libraries targeting Linux servers removed from PyPI (Security firm scanned over one million PyPI packages and found three backdoored libraries) | July 17, 2019 | https://www.zdnet.com/article/malicious-python-libraries-targeting-linux-servers-removed-from-pypi/ | ReversingLabs: SupPy Chain Malware - Detecting malware in package manager repositories
Two malicious Python libraries caught stealing SSH and GPG keys (One library was available for only two days, but the second was live for nearly a year) | December 4, 2019 | https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/
Researchers Scan for Supply-Side Threats in Open Source | November 17, 2020 | https://www.darkreading.com/applica...ly-side-threats-in-open-source/d/d-id/1339465 | Hunting for Malicious Packages on PyPI
Malicious PyPI packages hijack dev devices to mine cryptocurrency | June 21, 2021 | https://www.bleepingcomputer.com/ne...es-hijack-dev-devices-to-mine-cryptocurrency/
Several Malicious Typosquatted Python Libraries Found On PyPI Repository | July 30, 2021 | https://thehackernews.com/2021/07/several-malicious-typosquatted-python.html | JFrog: JFrog Detects Malicious PyPI Packages Stealing Credit Cards and Injecting Code
PyPI removes 'mitmproxy2' over code execution concerns | October 12, 2021 | https://www.bleepingcomputer.com/news/security/pypi-removes-mitmproxy2-over-code-execution-concerns/
Malicious PyPI Packages Downloaded 40,000+ Times | November 19, 2021 | https://www.infosecurity-magazine.com/news/malicious-pypl-packages-downloaded/ | JFrog: Python Malware Imitates Signed PyPI Traffic in Novel Exfiltration Technique
Pip-audit: Google-backed tool probes Python environments for vulnerable packages ('Good initial results', says one early adopter) | December 3, 2021
School Kid Uploads Ransomware Scripts to PyPI Repository as 'Fun' Project (The malware packages had names that were common typosquats of a legitimate widely used Python library) | August 2, 2022 | Sonatype: Ransomware in PyPI: Sonatype Spots 'Requests' Typosquats
10 Malicious Code Packages Slither into PyPI Registry | August 8, 2022 | Check Point Research: CloudGuard Spectral detects several malicious packages on PyPI, the official software repository for Python developers
A new PyPI Package was found delivering fileless Linux Malware | August 15, 2022 | Sonatype: PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero
Malicious PyPI packages aim DDoS attacks at Counter-Strike servers | August 15, 2022 | Checkmarx: Typosquatting Campaign Targeting Python's Top Packages, Dropping GitHub Hosted Malware to DDoS CS1.6 Server with DGA Capabilities
PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks | By Ravie Lakshmanan, August 25, 2022 | Checkmarx: First Known Phishing Attack Against PyPI Users
A third of PyPI software packages contain a flaw to execute code when downloaded | By Derek B. Johnson, August 26, 2022 | Checkmarx: Automatic Execution of Code Upon Package Download on Python Package Manager
Actors behind PyPI supply chain attack have been active since late 2021 (Group that pulled off successful attack on PyPI has humble origins) | By Dan Goodin @dangoodin001, September 2, 2022 | SentinelOne: PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks
Researchers warn of malicious packages on PyPI using steganography | By Pierluigi Paganini, November 10, 2022 | Check Point: CloudGuard Spectral exposes new obfuscation techniques for malicious packages on PyPI
Hundreds Infected With 'Wasp' Stealer in Ongoing Supply Chain Attack | By Ionut Arghire, November 17, 2022 | Checkmarx: WASP Attack on Python: Polymorphic Malware Shipping WASP Stealer; Infecting Hundreds Of Victims | Phylum: Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Hackers bombard PyPI platform with information-stealing malware | By Bill Toulas @billtoulas, December 20, 2022 | Phylum: W4SP Stealer Update: They're Still At It
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware | By Pierluigi Paganini, December 20, 2022 | ReversingLabs: SentinelSneak: Malicious PyPI module poses as security software development kit
Python developers, uninstall this malicious package right now | By Usama Jawad @UsamaJawad9, January 2, 2023
Malicious PyPI packages create CloudFlare Tunnels to bypass firewalls | By Bill Toulas @billtoulas, January 7, 2023 | Phylum: A Deep Dive Into poweRAT: a Newly Discovered Stealer/RAT Combo Polluting PyPI
Malicious 'Lolip0p' PyPI packages install info-stealing malware | By Bill Toulas @billtoulas, January 16, 2023 | Fortinet: Supply Chain Attack Using Identical PyPI Packages, "colorslib", "httpslib", and "libhttps"
PyPI Users Targeted With 'Wacatac' Trojan in New Supply Chain Attack | By Ionut Arghire, January 17, 2023