Join us

All FAUN.Sensei() courses are available with a 25% discount using the coupon SENSEI2525, valid until December 31.

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

@faun ・ May 07,2023

Harmful Python .whl files containing a new malware called "Kekw" were found on PyPI.
The malware steals sensitive information and hijacks cryptocurrency transactions.
The Python security team promptly removed the malicious packages from the repository.
The impact is believed to be minimal as it's unclear how many people downloaded them.
The incident highlights the supply chain attacks preferred by threat actors, emphasizing the responsibility of developers to vet libraries.
Open-source software brings productivity but also exposes vulnerabilities.
Earlier, malicious packages were found on npm and PyPI registries.

Let's keep in touch!

Stay updated with my latest posts and news. I share insights, updates, and exclusive content.

Unsubscribe anytime. By subscribing, you share your email with @faun and accept our Terms & Privacy.

Give a Pawfive to this post!

Only registered users can post comments. Please, login or signup.

Share with your friends and followers

Start writing about what excites you in tech — connect with developers, grow your voice, and get rewarded.

Join other developers and claim your FAUN.dev() account now!

Publish your first story!

The FAUN

FAUN.dev()

@faun

The FAUN watches over the forest of developers. It roams between Kubernetes clusters, code caves, AI trails, and cloud canopies, gathering the signals that matter and clearing out the noise.