Lucene search
GoogleOSV:MAL-2023-8569HistoryMay 27, 2023 - 12:00 a.m.
Malicious code in pyclack (PyPI)
2023-05-2700:00:00
Google
osv.dev
3
malicious code
pyclack
pypi
developers
hidden payload
host information
exfiltration
AI Score
7.2
Confidence
Low
-= Per source details. Do not edit below this line.=-
Source: checkmarx (a5bbfd7bb3c6e08fcaab006836d25519f6f790a3e647e64dd210e0b6f464d490)
Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information
References
checkmarx.com/blog/attacker-hidden-in-plain-sight-for-nearly-six-months-targeting-python-developers/
github.com/DataDog/malicious-software-packages-dataset
medium.com/checkmarx-security/attacker-hidden-in-plain-sight-for-nearly-six-months-targeting-python-developers-3712f0f107e0
security.snyk.io/vuln/SNYK-PYTHON-PYCLACK-6069634
AI Score
7.2
Confidence
Low