Launch Week Day 1: Announcing Security Design Review

Malicious code in selfurlpypip (PyPI)

MAL-2023-6727

Published Feb 25, 2023 · Modified Aug 24, 2023

Description

__

Source: checkmarx (8c53f78da6c8906a548ad0e7d7132d581da409fb175ea0f2b1dc67f8970007e2)

EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware

References

ARTICLE https://medium.com/checkmarx-security/the-skeleton-squad-tracing-the-origins-and-scope-of-5000-malicious-packages-on-pypi-7516c16e4da9

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes