The Magic Behind Over 101,000 Malicious Packages Discovered and Blocked

Nexus Firewall provides industry-leading machine learning by security experts for security experts, detecting suspicious and malicious OSS risks in real-time and at scale before the rest of the world finds out ...

More than 200 cryptomining packages flood npm and PyPI registry

Sonatype has spotted 186 malicious packages flooding the npm registry today. These packages infect Linux hosts with cryptominers by downloading a malicious Bash script from the threat actor's server via the Bitly ...

Ransomware in PyPI: Sonatype Spots ‘Requests’ Typosquats

Sonatype has identified multiple malicious Python packages that contain ransomware scripts. These packages are named after a legitimate, widely known library called 'Requests.' ...

StringJS Typosquat Deploys Discord Infostealer Obfuscated Five Times

An npm package called 'stringjs_lib' was identified by Sonatype this week. The package typosquats the popular npm library 'string' (or StringJS) and ships a Discord info-stealer obfuscated not once but five times ...

This Week in Malware—show me your secrets!

This Week in Malware, highlights include malicious Python packages that not only exfiltrate your secrets (AWS credentials and environment variables) but upload them to a publicly exposed endpoint. Also stated below are ...

Python packages upload your AWS keys, env vars, secrets to the web

Last week, Sonatype discovered multiple Python packages that not only exfiltrate your secrets (AWS credentials and environment variables) but upload them to a publicly exposed endpoint. These packages were discovered by Sonatype's ...