Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
2025-04-05 08:38

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained a


News URL

https://thehackernews.com/2025/04/malicious-python-packages-on-pypi.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Python 24 2 52 75 31 160
Pypi 15 0 0 1 15 16