Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,

Hacker News Feb 23, 2024 0 45 Add to Reading List

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,

What's Your Reaction?

0

Like

0

Dislike

0

Love

0

Funny

0

Angry

0

Sad

0

Wow

Passionate small family-based developer creating innovative solutions with a personal touch. Simplifying complexities one line of code at a time.

Comments