Popular PyPI Package 'ctx' and PHP Library 'phpass' Hijacked to Steal AWS Keys

Two trojanized Python and PHP packages have been uncovered in what's yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is "ctx," a Python module available in the PyPi repository. The other involves "phpass," a PHP package that's been forked on GitHub to distribute a rogue update. "In both cases the attacker appears to have

from The Hacker News https://ift.tt/hvqIjJB
via IFTTT

Comments

Post a Comment

Popular posts from this blog

VPN vs. DNS Security

When you are trying to get another layer of cyber protection that would not require a lot of resources, you are most likely choosing between a VPN service & a DNS Security solution. Let's discuss both.  VPN Explained VPN stands for Virtual Private Networks and basically hides your IP and provides an encrypted server by redirecting your traffic via a server run by a VPN host. It establishes a from The Hacker News https://ift.tt/tYgwr1y via IFTTT
Read more