National Cyber Warfare Foundation (NCWF)

npm and PyPI Malware Campaign Exfiltrates CI CD Secrets Through Fake Payment SDKs


0 user ratings
2026-07-09 08:50:11
milo
Red Team (CNA)

A coordinated supply-chain campaign that pushed 17 malicious packages across npm and PyPI, masquerading as SDKs for well-known payment services including PaySafe, Skrill and Neteller. The campaign’s packages 17 npm modules published with four rapid versions each and four PyPI packages access with single malicious releases presented as convenient payment SDK facades but contained logic […]


The post npm and PyPI Malware Campaign Exfiltrates CI/CD Secrets Through Fake Payment SDKs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/npm-and-pypi-malware/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.