websockets

  • Blog
    digitpatrox3 weeks ago
    42

    Malicious PyPI packages abuse Gmail, websockets to hijack systems

    Seven malicious PyPi packages were found using Gmail’s SMTP servers and WebSockets for data exfiltration and remote command execution. The packages were discovered by Socket’s threat research team, who reported their findings to the PyPI, resulting in the removal of the packages. However, some of these packages were on PyPI for over four years, and based on third-party download counters,…

    Read More »
Back to top button
close