#PyPI: Cybersecurity researchers have discovered two malicious packages ('gptplus' & 'claudeai-eng') uploaded to the #Python Package Index (PyPI) repository that impersonated popular AI models to deliver JarkaStealer malware:
#SofwareSupplyChainSecurity
👇
https://thehackernews.com/2024/11/pypi-attack-chatgpt-claude.html
Sam Stepanyan :verified: 🐘 /
npub18d…rltg5
2024-11-22 08:09:31
Author Public Key
npub18d0arwv295u03fd825dvn5eharfx25rtrkemffxnar9dzn82drtssrltg5Published at
2024-11-22 08:09:31Event JSON
{
"id": "247659fe79f144241ee594fa34c0abbc023152b39fe6bd6b3986916c92800d5c",
"pubkey": "3b5fd1b98a2d38f8a5a7551ac9d337e8d265506b1db3b4a4d3e8cad14cea68d7",
"created_at": 1732262971,
"kind": 1,
"tags": [
[
"t",
"pypi"
],
[
"t",
"python"
],
[
"t",
"sofwaresupplychainsecurity"
],
[
"proxy",
"https://infosec.exchange/users/securestep9/statuses/113525586103177073",
"activitypub"
]
],
"content": "#PyPI: Cybersecurity researchers have discovered two malicious packages ('gptplus' \u0026 'claudeai-eng') uploaded to the #Python Package Index (PyPI) repository that impersonated popular AI models to deliver JarkaStealer malware:\n#SofwareSupplyChainSecurity\n👇\nhttps://thehackernews.com/2024/11/pypi-attack-chatgpt-claude.html",
"sig": "c10ac6270a07c55740ac2afe4f38191cb92e6f04ba2427516e9f09fa6b41c5d0f8239516ecb2425479f28eafeffab02ebe58397d6d96c1704ddf69795126b36a"
}