The Hacker News7 天
PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
Signs of malicious activity were first spotted in version 0.1.13 of the library, which included a change to the Python script ...
Computing4 个月
Malicious Python packages found exfiltrating user data to Telegram bot
that uses malware hosted on the Python repository PyPI to search for files on the victim's device and exfiltrate them to a Telegram bot. The malicious packages, all of which now seem to have been ...
Infosecurity-magazine.com3 天
Malicious PyPI Package Exposes Crypto Wallets to Infostealer Code
A malicious PyPI package “aiocpa,” that stole crypto wallet data via obfuscated code, has been removed after being reported ...