When a Python Evolves Into a Viper

Kyle McCray
February 14, 2023

Share This Post

Four rogue packages in the Python Package Index (PyPI) have been discovered to carry out a number of malicious actions, such as dropping malware and manipulating files. The packages were designed to purposely confuse people with well thought-out names. In addition, Fortinet FortiGuard Labs have found five different Python packages, which are engineered to harvest and exfiltrate sensitive information. These reports highlight the risk of nefarious packages in open-source repositories like npm and PyPi, which can have a severe impact on the software supply chain.

https://thehackernews.com/2023/02/researchers-uncover-obfuscated.html

Reach out to our incident response team for help

news, threat

More To Explore

Information Security News – 12/22/2025

Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files Article Link: https://www.darkreading.com/threat-intelligence/flaw-hacktivist-ransomware-victims-decrypt-files Initial Access Brokers Involved in More Attacks, Including on Critical Infrastructure Article Link:

Jo Moldenhauer December 23, 2025

Information Security News – 12/15/2025

CISA Warns Microsoft Windows Users—Log Out and Shut Down Article Link: https://www.forbes.com/sites/zakdoffman/2025/12/09/cisa-warns-microsoft-windows-users-log-out-and-shut-down/ Data Brokers are Exposing Medical Professionals, and Turning Their Personal Lives into Open

Jo Moldenhauer December 15, 2025

When a Python Evolves Into a Viper

Share This Post

More To Explore

Information Security News – 12/22/2025

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.

Follow Us:

Privacy Policy

© 2025 FRSecure LLC