Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 24 Jun 2022.

  1. Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as

    Continue reading...
     

Share This Page

Loading...