Threat Actors Target NPM, PyPI, and RubyGems Developers

Sep 6, 2023

A new cyber campaign has emerged, with threat actors uploading malicious packages to PyPI, NPM, and RubyGems repositories, posing a significant threat to macOS user data. The malicious packages would collect system information and exfiltrate it to attacker-controlled servers. Security firm Phylum identified a connection between these packages, suggesting a coordinated campaign against software developers.

Get Free Report & Network Analysis

Please check your email for the free report.