A malicious package on the Python Package Index (PyPi) has been quietly exfiltrating Amazon Web Service credentials from developers for over three years, a new report from cybersecurity researchers at Socket has revealed. The package “fabrice” is a typosquat of the popular Python library “fabric” used for executing remote shell commands. It has been downloaded more than […]
This article has been indexed from Information Security Buzz