Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

February 24, 2024

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel.
The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,

Article posted by: https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.