This week in malware we have a lot to go over. A mysterious 'Distutil' Python library found on the PyPI repository, active Spring4Shell exploitation by threat actors deploying crypto-miners, ProxyShell exploits targeting Microsoft Exchange servers, an open source utility claiming to add Google Play store to PCs but containing obfuscated malware, ongoing dependency confusion attempts, and last but not the least, the GitHub OAuth tokens compromise, that impacted a dozen organizations including npm.
Article Link: This Week in Malware—Malicious 'Distutil' and Spring4Shell active exploitation