Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

CentryNex

A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts.
The package, named sympy-dev, mimics SymPy, replicating the latter’s project description verbatim in an attempt to deceive unsuspecting users into thinking that they are

SOURCE:

Share the Post:

Related News

ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories

Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11

Filling the Most Common Gaps in Google Workspace Security

Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

CentryNex

Related News

ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

Filling the Most Common Gaps in Google Workspace Security

Company

Services

Contact Us