FYI Python Security: Severity: Medium (fake software packages, code execution of benign malware)

HelloZeroNet / ZeroNet

ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network

https://zeronet.io

Other

18.32k stars 2.26k forks source link

FYI Python Security: Severity: Medium (fake software packages, code execution of benign malware) #1118

Closed tr37ion closed 6 years ago

tr37ion commented 6 years ago

SK-CSIRT identified malicious software libraries in the official Python package repository. There is more on this issue here http://www.nbu.gov.sk/skcsirt-sa-20170909-pypi/

HelloZeroNet commented 6 years ago

Thanks, I heard about it, but it does not affects us in any way. It only affect users who manually installs the wrong packages similarly named as the non-malwared ones.