Malicious Python libraries stealing OpenPGP and SSH keys:

– Look for python3-dateutil, and jeIlyfish.
– Both modules try to exfiltrate SSH/OpenPGP keys and send them to an IP address.
– This is the third time the PyPI team intervenes to remove typo-squatted malicious Python libraries from the official repository.

#python #malware #pypi #infosec #security #cybersecurity

@infosechandbook Interesting. Would that exfiltration be possible if your keys are stored solely on a Yubikey?


yubikeys/gnupg smartcard improves the sitch to a form where the key itself can only be used as long as it is plugged in. you can still forward the yubikey socket or decrypt password store.

Sign in to participate in the conversation

This is the social network for's community.