The JFrog Security Research team has uncovered a sophisticated malicious package named “chimera-sandbox-extensions” on the Python Package Index (PyPI), a widely used repository for Python software. Uploaded by a user identified as “chimerai,” this package was designed to exploit unsuspecting developers by targeting users of the chimera-sandbox environment, aiming to harvest sensitive credentials and critical […]

The post Hackers Upload Weaponized Packages to PyPI Repositories to Steal AWS Tokens and Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/hackers-upload-weaponized-packages-to-pypi-repositories/