Hacking News Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

Hacking News Dormant PyPI Package Compromised to Spread Nova Sentinel Malware - Printable Version

+- (https://hackmyride.com/forum)
+-- Forum: Automotive Hacking (https://hackmyride.com/forum/forumdisplay.php?fid=211)
+--- Forum: News (https://hackmyride.com/forum/forumdisplay.php?fid=278)
+---- Forum: The Hacker News (https://hackmyride.com/forum/forumdisplay.php?fid=279)
+---- Thread: Hacking News Dormant PyPI Package Compromised to Spread Nova Sentinel Malware (/showthread.php?tid=13769)

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware - The Hacker News - 02-24-2024

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel.
The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,

https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html