Lucene search
GoogleOSV:MAL-2023-8590HistoryMay 19, 2023 - 12:00 a.m.
Malicious code in pywolle (PyPI)
2023-05-1900:00:00
Google
osv.dev
5
malicious code
pypi
hidden payload
targeting developers
steganography
exfiltration
AI Score
7.2
Confidence
Low
-= Per source details. Do not edit below this line.=-
Source: checkmarx (022272b8427ab42c0c793e5ec56175de59c7f142f82db252e890e9782845d762)
Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information
References
checkmarx.com/blog/attacker-hidden-in-plain-sight-for-nearly-six-months-targeting-python-developers/
github.com/DataDog/malicious-software-packages-dataset
medium.com/checkmarx-security/attacker-hidden-in-plain-sight-for-nearly-six-months-targeting-python-developers-3712f0f107e0
security.snyk.io/vuln/SNYK-PYTHON-PYWOLLE-6069631
AI Score
7.2
Confidence
Low