Tech

Malicious Python packages are stealing vital data, and have been downloaded thousands of times already

Share
Share


  • Researchers found three malicious PyPI packages, two targeting bitcoin developers, and one WooCommerce stores
  • Two are designed to steal data, and the third to test for valid credit cards
  • All three have since been removed from the repository

Multiple open source software packages on the Python Package Index (PyPI) repository were found to be malicious, likely compromising thousands of devices, experts have warned.

Cybersecurity researchers at ReversingLabs found two malicious packages, “bitcoinlibdbfix” and “bitcoinlib-dev”, which cumulatively have around 2,000 downloads.

Share

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles
Details on material composition now available for Germany’s entire building stock could promote sustainability
Tech

Details on material composition now available for Germany’s entire building stock could promote sustainability

by Heike Hensel, Leibniz-Institut für ökologische Raumentwicklung e. V. View of an...

Is AI truly creative? Study shows how visibility of process shapes perception
Tech

Is AI truly creative? Study shows how visibility of process shapes perception

In the study, participants were initially asked to evaluate the creativity of...

Encryption method for key exchange enables tap-proof communication to fend off future quantum tech threats
Tech

Encryption method for key exchange enables tap-proof communication to fend off future quantum tech threats

Credit: Pixabay/CC0 Public Domain Quantum computers are a specter for future data...

Small model approach could be more effective than LLMs
Tech

Small model approach could be more effective than LLMs

Credit: Unsplash/CC0 Public Domain Small language models are more reliable and secure...