+- Python Forum (https://python-forum.io)
+-- Forum: General (https://python-forum.io/forum-1.html)
+--- Forum: News and Discussions (https://python-forum.io/forum-31.html)
+--- Thread: Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines (/thread-41520.html)
Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines - rob101 - Jan-30-2024
This, from The Hacker News, broke yesterday.
Just be mindful of what you allow into your computer system.
RE: Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines - Larz60+ - Jan-30-2024
This is important to know!
Everyone should check their repositories for any of the offending packages.
pip list | sort Linux, or similar on other OS, can be used to compare against the list on Hacker news site that you mention above
RE: Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines - Gribouillis - Jan-30-2024
fortinet dot com Wrote:While most of the packages uploaded to PyPI are posted by dedicated individuals looking to support the Python community, threat actors also regularly post packages infected with malware.original info
RE: Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines - rob101 - Jan-30-2024
An "easy to miss" link (from the THN post) to this very detailed report is well worth reading.
to add: sorry, I've just seen that @Gribouillis has already linked this up.