Launch Week Day 1: Announcing Security Design Review

Malicious code in pypip (PyPI)

MAL-2023-5796

Published Feb 24, 2023 · Modified Aug 24, 2023

Description

__

Source: checkmarx (d38d9b03167ca8e71c745971efa9853dd5ed98c96663d99aed32e17b65cae3ca)

EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware

References

ARTICLE https://medium.com/checkmarx-security/the-skeleton-squad-tracing-the-origins-and-scope-of-5000-malicious-packages-on-pypi-7516c16e4da9

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes