National Cyber Warfare Foundation (NCWF)

Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI CD, and macOS Data


0 user ratings
2025-06-16 07:04:47
milo
Blue Team (CND)
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others.
The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox,



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/06/malicious-pypi-package-masquerades-as.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Blue Team (CND)



Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.