Malicious PyPI Packages Found Stealing User Data and Hijacking Social Media Accounts
• 1 min read
Security researchers discovered two dangerous packages on PyPI repository that accumulated 300 downloads before removal. The malware captured keystrokes, screenshots, and sensitive data from major social platforms while employing sophisticated concealment techniques to avoid detection.
Critical Security Breach: Popular Python AI Library Compromised with Crypto Mining Malware
• 1 min read
The Ultralytics AI library was discovered distributing malicious cryptocurrency mining code through compromised versions on PyPI. The attack, which exploited GitHub Actions workflows, potentially impacted thousands of AI developers worldwide and highlights growing concerns around supply chain security.