Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts

Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs.
The packages, named zebo and cometlogger, attracted 118 and 164 downloads each, prior to them being taken down.
This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies. Click More Info to view Privacy Policy.