Malicious Python bundle collects AWS credentials by way of 37,000 downloads – Go Well being Professional

Malicious Python bundle collects AWS credentials by way of 37,000 downloads – Go Well being Professional

A malicious Python bundle known as “Fabrice” that’s been reside on PyPI since 2021 has been typosquatting the favored Material SSH automation library, quietly exfiltrating AWS credentials by making greater than 37,000 downloads. The Socket Analysis Group mentioned in a Nov. 6 put up that the respectable Material library has greater than 201 million downloads … Read more