Malicious PyPI Package Steals AWS Credentials

A malicious package on the Python Package Index (PyPi) has been quietly exfiltrating Amazon Web Service credentials from developers for over three years, a new report from cybersecurity researchers at Socket has revealed.  The package “fabrice” is a typosquat of the popular Python library “fabric” used for executing remote shell commands. It has been downloaded more than […]

This article has been indexed from Information Security Buzz

Read the original article: