Nearly a million victims hit by massive BogusBazaar campaign — credit card details stolen, but here’s how to stay safe

Nearly a million victims hit by massive BogusBazaar campaign — credit card details stolen, but here’s how to stay safe

Almost a million people around the world have fallen victim to a highly organized fraud campaign, which scammed them out of some $50 million in the past couple of years. According to a report from SRLabs, a group of cyber-criminals, supported by a wider network of affiliates, were organized into a crime ring dubbed BogusBazaar. … Read more

PyPI stops signing up new users to try and block malware campaign

PyPI stops signing up new users to try and block malware campaign

Python Package Index (PyPI), the largest repository of Python packages, has once again been forced to suspend new account and new project registrations. Cybersecurity experts from both Checkmarx and Check Point observed a large-scale cyberattack in which threat actors tried to upload hundreds of malicious packages to the platform, in an attempt to compromise software … Read more

Python devs are being targeted by this massive infostealing malware campaign

Python devs are being targeted by this massive infostealing malware campaign

Cybersecurity researchers from Checkmarx have discovered a new infostealing campaign that leveraged typosquatting and stolen GitHub accounts to distribute malicious Python packages to the PyPI repository. In a blog post, Tal Folkman, Yehuda Gelb, Jossef Harush Kadouri, and Tzachi Zornshtain of Checkmarx said they discovered the campaign after a Python developer complained about falling victim … Read more