Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access.
The malicious packages attempt to steal sensitive user information stored in browsers, run shell commands, and use keyloggers to steal typed secrets.
The six packages were discovered by the Phylum research team, who closely monitors PyPI for emerging campaigns.
Read moreā¦Source: Bleeping Computer
Support the originator by clicking the read the rest link below.
