[HackerNews] 11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells

Cybersecurity researchers have uncovered as many as 11 malicious Python packages that have been cumulatively downloaded more than 41,000 times from the Python Package Index (PyPI) repository, and could be exploited to steal Discord access tokens, passwords, and even stage dependency confusion attacks.
The Python packages have since been removed from the repository following responsible

Source: Read More (The Hacker News)

You might be interested in …

Daily NCSC-FI news followup 2021-01-25

Kyberturvallisuus­keskus: Whatsapp-tilejä yritetään kaapata Suomessa huijausviesteillä www.hs.fi/kotimaa/art-2000007758688.html Rikolliset yrittävät kaapata tilejä muun muassa tekeytymällä Whatsappin tekniseksi tueksi. Lukijoilta: Huijari tyhjäsi netissä pankkitilini ilkkapohjalainen.fi/mielipide/yleisolta/lukijoilta-huijari-tyhjasi-netissa-pankkitilini-1.4810770 Tämä on esimerkki omasta tapauksesta, jossa hyväuskoisena luotin soittoon, jossa soittaja ilmoitti soittavansa Lontoossa sijaitsevasta Microsoft Support -tukipalvelukeskuksesta. Matkapuhelin­verkko voi kavaltaa kenen tahansa sijainnin: Siepattiinko arabi­prinsessa ja hänen suomalainen ystävänsä luksus­jahdilta kapteenin […]

Read More

[TheRecord] FTC Chair: Agency’s new ISP privacy report shows the FCC should have jurisdiction

Major Internet Services Providers (ISPs) use personal data in ways consumers may not expect—maintaining vast hordes of extremely granular information or identifying information and in some cases sharing it in ways that could harm consumers, a special report prepared by Federal Trade Commission (FTC) staff and released by the agency Thursday found.  But the issues […]

Read More

[BleepingComputer] Google Chrome now warns you of extensions from untrusted devs

Google has added new protection capabilities for Enhanced Safe Browsing users in Chrome, warning them when installing untrusted extensions and allowing them to request more in-depth scans of downloaded files. […] Source: Read More (BleepingComputer)

Read More