Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

[correlate]

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
Forum Veteran
May 4, 2019
791
9,574
1,670
New York
Content source
https://thehackernews.com/2022/06/multiple-backdoored-python-libraries.html
Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint.

The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as well as the endpoint have now been taken down.
Click to expand...
thehackernews.com

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

Researchers have identified multiple malicious Python packages designed to steal AWS credentials and environment variables.
thehackernews.com thehackernews.com
 
  • Like
  • +Reputation
Reactions: harlan4096, Venustus, Trooper and 4 others
You must log in or register to reply here.

You may also like...