New campaign
https://www.bleepingcomputer.com/news/security/malicious-lolip0p-pypi-packages-install-info-stealing-malware/
A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing malware on developers' systems.
The malicious packages, discovered by Fortinet, were all uploaded by the same author named 'Lolip0p' between January 7 and 12, 2023. Their names are 'colorslib,' 'httpslib,' and 'libhttps.' All three have been reported and removed from the PyPI.
New campaign
Jan 16, 2023, 5:32pm UTC
https://www.bleepingcomputer.com/news/security/malicious-lolip0p-pypi-packages-install-info-stealing-malware/
> A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing malware on developers' systems.
> The malicious packages, discovered by Fortinet, were all uploaded by the same author named 'Lolip0p' between January 7 and 12, 2023. Their names are 'colorslib,' 'httpslib,' and 'libhttps.' All three have been reported and removed from the PyPI.