This Week in Malware – 135 Packages Target npm and PyPI Registries


This week in malware, we discovered and analyzed 135 packages in the npm and PyPI registries that were flagged as malicious, suspicious, or dependency confusion attacks.

Malicious packages caught by Sonatype
We caught the following this week via Sonatype’s automated malware detection system, offered as a part of Nexus Firewall:
