Malicious PyPI Packages Using Compiled Python Code to Bypass Detection,
Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools.
« It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed, » ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package
« It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed, » ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package
,
Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools.
« It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed, » ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package
« It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed, » ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package
, ,
https://thehackernews.com/2023/06/malicious-pypi-packages-using-compiled.html