PyPI - DPRK Threat Intelligence

#PyPI

Malware

2023-08-03 • VMConnect: Malicious PyPI packages imitate popular open source modules

15

Tagged Reports
11

Unique Authors
1,041

Active Days

Tagged Reports

2026-06-08

OSM

Active Malware Campaigns in January-May 2026

#Lazarus #ContagiousInterview #NPM #PyPI #Trend #PolinRider #TasksJacker

2026-06-03

OSM

The Software Supply Chain Malware Landscape: January - May 2026

#SupplyChain #NPM #PyPI #ContagiousInterview #Trend

2025-07-31

Sonatype

How North Korea-Backed Lazarus Group Is Weaponizing Open Source to Target Developers

#Lazarus #NPM #PyPI

2024-09-30

Poly Swarm

Labyrinth Chollima Using Poisoned Python Packages to Deliver PondRAT

#LabyrinthChollima #PondRAT #POOLRAT #PyPI

2024-09-25

Foresiet

North Korean Hackers Use PondRat Malware to Target Developers

#PondRAT #PyPI

2024-09-18

Paloalto Networks

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

#GleamingPisces #PondRAT #PyPI

2024-09-10

Reversing Labs

Fake recruiter coding tests target devs with malicious Python packages

#Lazarus #PyPI #VMConnect

2024-08-24

Hackhunting

Software Supply Chain Threat Landscape July 2024: PyPI, NPM, GitHub and macOS

#NPM #PyPI

2024-07-05

Qihoo360

揭秘APT-C-26（Lazarus）组织利用PyPI对Windows、Linux和macOS平台的攻击行动

#APT-C-26 #PyPI

2024-02-29

Vipyrsec

Novel ELF64 Remote Access Tool Embedded in Malicious PyPI Uploads

#WebLogTea #PyPI

2024-02-28

JPCERT

New Malicious PyPI Packages used by Lazarus

#PyPI #Comebacker #BLINDINGCAN

2024-02-21

JPCERT

PyPIを悪用した攻撃グループLazarusのマルウェア拡散活動

#PyPI #Comebacker #BLINDINGCAN

2023-10-24

Hawkeye

Evidence Leads to Lazarus as the VMConnect Supply Chain Attack Continues

#VMConnect #PyPI

2023-08-31

Reversing Labs

VMConnect supply chain attack continues, evidence points to North Korea

#LabyrinthChollima #VMConnect #PyPI

2023-08-03

Reversing Labs

VMConnect: Malicious PyPI packages imitate popular open source modules

#VMConnect #PyPI

« Back