This Week in Malware - Fileless Linux Cryptominer, 100 Packages

This week in malware, we discovered and analyzed nearly 100 packages flagged as malicious, suspicious, or dependency confusion attacks.

Notably, we uncovered a PyPI package that drops fileless Linux malware directly in memory to covertly run a cryptominer. Furthermore, our investigation revealed the threat actor published this malicious package under the stolen identity of a software engineer from a United States National Laboratory.
