SoylentNews

MrPlow [soylentnews.org] writes:

Submitted via IRC for TheMightyBuzzard

Barely a week has passed from the last attempt to hide a backdoor in a code library, and we have a new case today. This time around, the backdoor was found in a Python module, and not an npm (JavaScript) package.

Source: https://www.bleepingcomputer.com/news/security/backdoored-python-library-caught-stealing-ssh-credentials/ [bleepingcomputer.com]

Original Submission