PyPI Package – TheCyberThrone

Malicious PyPI resemble VMware vSphere connector

Researchers have identified a malicious PyPI package called “VMConnect” that has been designed to strongly resemble a legitimate VMware vSphere connector module and has been downloaded 237 times. The researchers…

PravinKarthik August 7, 2023

Byte Code Bites PYPI

Researchers have discovered a novel attack that used compiled Python byte code was identified as potentially the first supply chain attack in which bad actors executed PYC files to avoid…

PravinKarthik June 5, 2023

Python Wheel Files Malvertised

Researchers have spotted a malicious open-source Python .who (Wheel) files were found distributing a new malware dubbed KEKW that can steal sensitive information from infected systems by incorporating clipper activities…

PravinKarthik May 5, 2023

W4SP Stealer uses Malicious PyPI Packages

Attackers are using W4SP stealer, for creating fake Python packages and use rudimentary obfuscation techniques in an attempt to infect developers. W4SP, a trojan that is designed to steal crypto…

PravinKarthik November 5, 2022