PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot

Updated on November 25, 2024

The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram.
The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.
By putting the…

Read the rest of the story at Read More

Source: The Hacker News

December 18, 2024 Uncategorized

INTERPOL Pushes for “Romance Baiti...

January 1, 2025 Uncategorized

Iranian and Russian Entities Sanctioned ...

December 24, 2024 Uncategorized

PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot

Related posts

INTERPOL Pushes for “Romance Baiti...

Iranian and Russian Entities Sanctioned ...

Apache Tomcat Vulnerability CVE-2024-563...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines