The malicious packages, discovered by Fortinet, were all uploaded by the same author named ‘Lolip0p’ between January 7 and 12, 2023. Their names are ‘colorslib,’ ‘httpslib,’ and ‘libhttps.’ All three have been reported and removed from the PyPI.
This 22-year-old is trying to save us from ChatGPT before it changes writing forever
A college kid’s mission to prevent misuse of artificial intelligence.
Another Day, Another Set of Malicious PyPI Packages
A threat actor identifying itself as Lolip0p was spotted dropping three rogue packages to the PyPI repository with an aim to carry out supply chain attacks. The packages, named colorslib (versions 4.6.11 and 4.6.12), libhttps (version 4.6.12), and http…
Australian troops fly to UK to teach Ukrainian recruits ‘infantry tactics for urban and wooded environments’
Federal government says aim is to help Ukrainian fighters ‘gain the military skills needed to defend their homeland’Get our morning and afternoon news emails, free app or daily news podcastDozens of Australian defence force personnel are to fly from Da…
Cardinal Pell will be interred in Sydney crypt in February
An Australian cardinal who spent more than a year in prison before his child abuse convictions were quashed on appeal will be interred next month after a requiem Mass at Sydney’s St. Mary’s Cathedral
Japan firm defends Van Gogh ownership after lawsuit
A Japanese company has defended its ownership of Van Gogh’s “Sunflowers”, obtained at auction in 1987, after the family of its former owner filed a US lawsuit demanding its return.The artwork — one of five original versions of the famous still life -…
China’s future ‘still uncertain’, Kevin Rudd says as he casts doubt on the country’s economic figures
The former prime minister said he planned to ‘flip up to Beijing’ before becoming Australia’s ambassador to the United States in March.
Inside X-rated life of Adin Ross’ ex-girlfriend PamiBaby who launched OnlyFans account after split from Twitch streamer
SOCIAL media star Pamibaby has set hearts fluttering with the launch of her new OnlyFans account following her split from disgraced influencer Adin Ross.
The TikToker announced she would be joining the adult-content platform soon after her breakup w…
Fortinet observed three rogue PyPI packages spreading malware
Researchers discovered three malicious packages that have been uploaded to the Python Package Index (PyPI) repository by Lolip0p group. FortiGuard Labs researchers discovered three malicious PyPI packages (called ‘colorslib’, ‘httpslib’, and “libhttps”) on the PyPI repository that were uploaded by the same actor, Lolip0p. The packages were discovered on January 10, 2023, the packages “colorslib” and […]
The post Fortinet observed three rogue PyPI packages spreading malware appeared first on Security Affairs.