Malicious PyPI package opens backdoors on Windows, Linux, and Macs>

Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.

PyPI is a repository of open-source packages that developers can use to share their work or benefit from the work of others, downloading the functional libraries required for their projects.

On May 17, 2022, threat actors uploaded a malicious package named ‘pymafka’ onto PyPI. The name is very similar to PyKafka, a widely used Apache Kafka client that counts over four million downloads on the PyPI registry.

Read more

Explore the site

More from the blog

Latest News