This random image distributes a malicious PyPl package using GitHub

Cybersecurity researchers at Check Point Research (CPR) have discovered a new malicious package in PyPI, a code repository for the Python programming language that uses an image to deliver Trojan malware, primarily using GitHub.

The actors behind this new campaign hope that Python developers will sooner or later come across “apicolor” when searching for legitimate projects on the web.

Leave a Reply

Your email address will not be published. Required fields are marked *