Malicious Python libraries stealing OpenPGP and SSH keys:

zdnet.com/article/two-maliciou

– Look for python3-dateutil, and jeIlyfish.
– Both modules try to exfiltrate SSH/OpenPGP keys and send them to an IP address.
– This is the third time the PyPI team has intervened to remove typo-squatted malicious Python libraries from the official repository.

#python #malware #pypi #infosec #security #cybersecurity
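A way to run the check the post asks for, as an added example that is not part of the original post: it lists the distributions installed in the current Python environment and flags the two reported names. It also goes beyond them by flagging any name that collapses onto a known project once look-alike characters are folded. The `LEGIT` allowlist and the `CONFUSABLE` map are assumptions chosen for illustration.

```python
import re
from importlib import metadata

# Names reported in the post above, in PEP 503-normalized form.
REPORTED = {"python3-dateutil", "jeilyfish"}
# Constructed allowlist of legitimate projects to compare against (assumption).
LEGIT = ["python-dateutil", "jellyfish"]
# Characters that render alike in many fonts (assumption), folded before lowercasing.
CONFUSABLE = str.maketrans({"I": "l", "1": "l", "0": "o"})

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_' and '.' become one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def skeleton(name):
    """Fold look-alike characters and the python/python3 prefix variants."""
    folded = normalize(name.translate(CONFUSABLE))
    return re.sub(r"^python\d*-", "python-", folded)

def find_suspects(installed, legit=LEGIT):
    """Return (name, reason) for each installed name that looks malicious."""
    legit_by_skeleton = {skeleton(n): normalize(n) for n in legit}
    hits = []
    for name in installed:
        norm = normalize(name)
        target = legit_by_skeleton.get(skeleton(name))
        if norm in REPORTED:
            hits.append((name, "reported malicious package"))
        elif target and target != norm:
            # Same skeleton as a legitimate project, but a different real name.
            hits.append((name, f"look-alike of {target}"))
    return hits

def installed_names():
    """Names of every distribution visible to this interpreter."""
    names = (d.metadata["Name"] for d in metadata.distributions())
    return [n for n in names if n]

if __name__ == "__main__":
    for name, reason in find_suspects(installed_names()):
        print(f"{name}: {reason}")
```

Run it with the interpreter of each virtual environment you want to audit, since it only sees the packages installed for that interpreter.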

@infosechandbook Interesting. Would that exfiltration be possible if your keys are stored solely on a Yubikey?

@virtualwolf
YubiKeys/GnuPG smartcard improves the sitch to a form where the key itself can only be used as long as it is plugged in. You can still forward the YubiKey socket or decrypt password store.
@infosechandbook
