A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts.
The package, named sympy-dev, mimics SymPy, replicating the latter’s project description verbatim in an attempt to deceive unsuspecting users into thinking that they areRead More
Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts [email protected] (The Hacker News)
by
Tags: