Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive DataMalicious packages in PyPI aim to steal sensitive information and commit fraud.Researchers discovered packages impersonating legitimate libraries that lead to data exfiltration.
Malicious PyPI Packages Stole Cloud Tokens-Over 14,100 Downloads Before RemovalMalicious campaigns targeting PyPI users via fake libraries pose serious security risks, highlighting the importance of vigilance in software development.
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious CodeA malicious Python package disguised as a cryptocurrency tool has been found to steal sensitive data and drain crypto wallets.
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI VersionsA software supply chain attack compromised two versions of the ultralytics library, delivering a cryptocurrency miner through malicious code.Users are advised to upgrade to the latest security-fixed version of the ultralytics library.
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive DataMalicious packages in PyPI aim to steal sensitive information and commit fraud.Researchers discovered packages impersonating legitimate libraries that lead to data exfiltration.
Malicious PyPI Packages Stole Cloud Tokens-Over 14,100 Downloads Before RemovalMalicious campaigns targeting PyPI users via fake libraries pose serious security risks, highlighting the importance of vigilance in software development.
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious CodeA malicious Python package disguised as a cryptocurrency tool has been found to steal sensitive data and drain crypto wallets.
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI VersionsA software supply chain attack compromised two versions of the ultralytics library, delivering a cryptocurrency miner through malicious code.Users are advised to upgrade to the latest security-fixed version of the ultralytics library.
Deepseek-impersonating malware is stealing data, research findsMalicious actors are exploiting the popularity of DeepSeek through information-stealing packages on the Python Package Index.
How to Publish a Python Package to PyPI - Mouse Vs PythonPublish Python packages on PyPI with proper structure and documentation.