Launch Week Day 1: Announcing Security Design Review

Malicious code in esqpypingintel (PyPI)

MAL-2023-3297

Published Feb 25, 2023 · Modified Aug 24, 2023

Description

__

Source: checkmarx (81bfd19641f842b69c4065f482722419d65c14cd3a228097743f65c2fd400fed)

EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware

References

ARTICLE https://medium.com/checkmarx-security/the-skeleton-squad-tracing-the-origins-and-scope-of-5000-malicious-packages-on-pypi-7516c16e4da9

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes