Supply Chain Attack Using Identical PyPI Packages "colorslib", "httpslib" and "libhttps"

Phillip Trimble on LinkedIn: Supply Chain Attack Using Identical PyPI Packages, "colorslib"…

Researchers have discovered a zero-day supply chain attack embedded in three PyPI packages by monitoring an open source ecosystem. A sophisticated malicious package campaign has emerged targeting Python and npm users across Windows and Linux platforms through an unusual cross-ecosystem attack strategy.

Exclusive Networks NA on LinkedIn: Supply Chain Attack Using Identical PyPI Packages, "colorslib"…

These packages were uploaded between 7 and 12 January 2023 under the names "colorslib", "httpslib" and "libhttps". The malicious packages were uploaded by a threat actor using the alias "lolip0p", who dropped info-stealing malware on targeted devices. This blog discusses the discovery of malicious PyPI and npm packages that exploit software dependencies, enabling supply chain attacks for remote code execution and data exfiltration. A sophisticated supply chain attack targeting the Python Package Index (PyPI) has exposed systemic vulnerabilities in open source ecosystems, leveraging the popularity of the colorama library, a tool with over 215 million monthly downloads, to deploy cross-platform malware. To avoid this, you can check the GitHub page for a package; it usually shows the correct pip command. You can also check how many stars it has. That is not a guarantee that the package is not malicious, but if it has many stars it will at least rule out recently uploaded malicious packages like those in the article above.

Supply Chain Attack Using Identical PyPI Packages Spotted

Security researchers discovered multiple malicious packages uploaded to PyPI that closely mimic legitimate libraries, specifically targeting colorama, a widely used Python package for terminal color control, and colorizr, an npm package with similar functionality. In a disturbing yet increasingly familiar turn, cybersecurity researchers at Checkmarx Zero have uncovered a highly coordinated and technically advanced supply chain attack. The FortiGuard Labs team has discovered a new 0-day attack embedded in three PyPI packages (Python Package Index) called "colorslib", "httpslib" and "libhttps". They were found on January 10, 2023, by monitoring an open source ecosystem.


Supply chain attack on PyPI packages
