Packages

Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal – Go Health Pro

by
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal – Go Health Pro

Mar 15, 2025Ravie Lakshmanan Malware / Supply Chain Security Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as “time” related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it … Read more

Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts – Go Health Pro

by
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts – Go Health Pro

Dec 24, 2024Ravie LakshmananMalware / Data Exfiltration Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named zebo and cometlogger, attracted 118 and 164 downloads … Read more

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack – Go Health Pro

by
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack – Go Health Pro

Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of … Read more

Fake ChatGPT, Claude PyPI packages spread JarkaStealer malware – Go Health Pro

by
Fake ChatGPT, Claude PyPI packages spread JarkaStealer malware – Go Health Pro

Malicious packages on the Python Package Index (PyPI), claiming to provide API access to OpenAI’s ChatGPT and Anthropic’s Claude AI models, were discovered by Kaspersky researchers to contain the JarkaStealer infostealer malware, the cybersecurity company said in a blog post Thursday.   The packages, named “gptplus” and “claudeai-eng,” were both uploaded by a user called … Read more

The 7 Best SEO Starter Packages in 2024 – Go Health Pro

by
The 7 Best SEO Starter Packages in 2024 – Go Health Pro

4. Local Search Fuel  Local Search Fuel is part of the Hurrdat marketing firm. That brand focuses on media and marketing for sports and entertainment companies, so this agency is likely a good fit for businesses in those niches.  Their $549 SEO starter package is another plan that is primarily for local businesses. Instead of … Read more

x