Security News > 2024 > February > Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
2024-02-23 17:08

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,


News URL

https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Pypi 15 0 0 1 15 16