python-dateutils—A Cryptominer in Disguise Targeting Windows, Linux, macOS | #linux | #linuxsecurity

You’ve probably heard of the Python module ‘dateutil‘. The module offers powerful extensions to the standard datetime library extensively used by Python developers. Yesterday, however, Sonatype’s automated malware detection system caught a suspicious PyPI package called ‘python-dateutils’ that mines Monero (XMR) cryptocurrency on your system—whether Windows, Linux, or macOS, and steals AWS credentials.

DevOps Connect:DevSecOps @ RSAC 2022

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Ax Sharma. Read the original post at:

Original Source link

Leave a Reply

Your email address will not be published.

seventy three + = 78