More Supply Chain Attacks via New Malicious Python Packages in PyPi


The PyPI (Python Package Index) packages (xhttpsp and httpssp) issued by the malware authors “Portugal” and “Brazil” contain yet another 0-day assault, according to the FortiGuard Labs team. By keeping an eye on an open-source ecosystem, these two packages were found on January 31, 2023.

On January 27, 2023, they were both released. As seen in the example below, each had a single version and no description. In their installation script, which looks to be Base64-encoded, the two packages both contained the same dangerous code.

Read More…