Security News > 2025 > May > Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are below - checker-SaGaF (2,605 downloads) steinlurks (1,049 downloads) sinnercore (3,300 downloads)

News URL

https://thehackernews.com/2025/05/malicious-pypi-packages-exploit.html