News North Korean hackers upload malware to popular open-source software repositoryTargeting decentralized repositories like PyPI enables DPRK to carry out large-scale attacks against users, expert says North Korean cybercriminals uploaded malicious packages to the official repository for the Python programming language, a Japanese cybersecurity organization warned last week, in an apparent attempt to infect the machines of users who download tools from the website. The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) stated in a blog post on Wednesday that it confirmed the DPRK’s Lazarus Group released four Python packages to the PyPI repository. Run by the Python Software Foundation (PSF), PyPI allows anyone to upload open-source packages meeting basic requirements and guidelines, but some threat actors have © Korea Risk Group. All rights reserved. |