CyberSecurityBoard
Sponsor Register Login

Hackers target Python devs in phishing attacks using fake PyPI site

Python developers and PyPI users who have received these phishing emails are advised not to click the embedded links and to delete the email immediately. In February, the Python Software Foundation introduced 'Project Archival,' a new system designed to help PyPI publishers archive their projects, indicating to users that no updates are expected. Over the past few days, users who have published projects on PyPI with their email in package metadata may have received an email titled '[PyPI] Email verification' from the email address noreply@pypj.org," the PyPI admin Mike Fiedler cautioned. The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI was also forced to temporarily suspend user registration and the creation of new projects in March 2024 due to a malware campaign linked to threat actors who uploaded hundreds of new malicious packages masquerading as legitimate projects. "PyPI has not been hacked, but users are being targeted by a phishing attack that attempts to trick them into logging in to a fake PyPI site. However, the attackers are instead harvesting their credentials, which will likely be used in future attacks to infect Python packages they've uploaded to PyPI with malware or to upload new malicious packages onto the platform. ​The PyPI admins have also added a banner to PyPI's homepage, warning users of this phishing attack, and are now working to find a way to disrupt this ongoing campaign. PyPI is a repository for Python packages, accessible at pypi.org, that offers a centralized platform for developers to distribute and install third-party software libraries. Those who have already entered their credentials on the pypj[.]org phishing site, should immediately change their PyPI password and inspect their accounts' Security History for suspicious or unexpected activity. After opening the malicious website, the targeted users will be prompted to sign in, with the requests sent back to PyPI to trick the users into believing they have logged in to PyPI. "This is not a security breach of PyPI itself, but rather a phishing attempt that exploits the trust users have in PyPI.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 30 Jul 2025 19:00:23 +0000


Cyber News related to Hackers target Python devs in phishing attacks using fake PyPI site

Hackers target Python devs in phishing attacks using fake PyPI site - Python developers and PyPI users who have received these phishing emails are advised not to click the embedded links and to delete the email immediately. In February, the Python Software Foundation introduced 'Project Archival,' a new system designed ...
2 months ago Bleepingcomputer.com
10 Best Anti-Phishing Tools in 2025 - What is Good?What Could Be Better?Real-time email threat detection and response using AI and machine learning.Limited customer support optionsAutomates incident response to stop phishing attacks quickly.The training module is not entirely ...
2 months ago Cybersecuritynews.com
PyPI Warns of New Phishing Attack Targeting Developers With Fake PyPI site - This sophisticated attack targets developers who have published packages on the official repository, leveraging their trust in the PyPI ecosystem to harvest login credentials through a carefully crafted fake website that mimics the legitimate ...
2 months ago Cybersecuritynews.com
Python 2 EOL: Coping with Legacy System Challenges - Python 2.7 was the last major version in the 2.x series of this software language, which was launched on July 3, 2010 and was officially maintained and supported until January 1, 2020. At that point, when the Python 2 EOL phase began, the legacy ...
1 year ago Securityboulevard.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
116 Malicious PyPI Packages Downloaded Over 10,000 Times - A cluster of malicious Python projects has been identified in PyPI, the official Python PyPI package repository, which targets both Windows and Linux systems and often deploys a custom backdoor. In certain instances, the ultimate payload consists of ...
1 year ago Cybersecuritynews.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com
PyPi package backdoors Macs using the Sliver pen-testing suite - A new package mimicked the popular 'requests' library on the Python Package Index to target macOS devices with the Sliver C2 adversary framework, used for gaining initial access to corporate networks. Discovered by Phylum, the campaign involves ...
1 year ago Bleepingcomputer.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com
3 PYPI Packages Caught Spreading Malware - Recent reports have highlighted the malicious spreading of malware via 3 specific Python Package Index (PyPI) packages. These 3 packages were identified and reported by Sonatype, a software supply chain security firm. ...
2 years ago Securityaffairs.com
Phishing kits now vet victims in real-time before stealing credentials - Even if they were allowed to use the real target's address, the analysts comment that some campaigns go a step further, sending a validation code or link to the victim's inbox after they enter a valid email on the phishing page. However, with this ...
6 months ago Bleepingcomputer.com
PyPI urges users to reset credentials after new phishing attacks - PyPI, the Python Package Index, has issued a critical security advisory urging all users to reset their credentials following a surge in sophisticated phishing attacks targeting its platform. These attacks have been designed to steal user credentials ...
2 weeks ago Bleepingcomputer.com
DPython's Poisoned Package: Another 'Blank Grabber' Malware in PyPI - Python Package Index is a platform that offers an extensive range of packages to simplify and enhance the development process. Malicious actors regularly upload phishing packages in the platform's repository aimed at delivering malware to steal the ...
1 year ago Imperva.com
New Supply Chain Attack Leveraging Python Package Index Targeting Wacatac Trojan - A new supply chain attack has recently been detected targeting Python Package Index (PyPI) users with the Wacatac Trojan. This attack is seen as the latest in a series of advanced persistent threats (APT) targeting the escalating use of Python in ...
2 years ago Securityweek.com
Spotting Phishing Attacks with Image Verification Techniques - Phishing refers to the tactic used by scammers who impersonate reputable brands and lure victims to click on suspicious links so that they can breach the privacy and sensitive data of individuals. You can call image-based phishing a relatively ...
5 months ago Cybersecuritynews.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
1 year ago Cyberdefensemagazine.com
AI-Powered Phishing Detection - Does It Actually Work? - Unlike traditional methods that rely on identifying known threats, AI-powered systems analyze patterns and behaviors to detect anomalies indicative of phishing attempts. The rise of artificial intelligence (AI) has brought new hope to combating these ...
5 months ago Cybersecuritynews.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
1 year ago Hackread.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media
Python JSON Logger Vulnerability Allows Remote Code Execution - PoC Released - The researcher identified that the python-json-logger package declared a dependency named msgspec-python313-pre in its pyproject.toml file, but this dependency was not present on PyPI and not registered by any entity. When users install ...
6 months ago Cybersecuritynews.com CVE-2025-27607
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
1 year ago Hackread.com
Watch out for "I can't believe he is gone" Facebook phishing posts - This phishing attack is ongoing and widely spread on Facebook through friend's hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform. As the posts come from your friends' ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)