Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

Updated on January 22, 2026

A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts.
The package, named sympy-dev, mimics SymPy, replicating the latter’s project description verbatim in an attempt to deceive unsuspecting users into thinking that they are…

Read the rest of the story at Read More

Source: The Hacker News

September 5, 2024 Uncategorized

NIST Cybersecurity Framework (CSF) and C...

December 24, 2024 Uncategorized

Researchers Uncover PyPI Packages Steali...

July 21, 2025 Uncategorized

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

Related posts

NIST Cybersecurity Framework (CSF) and C...

Researchers Uncover PyPI Packages Steali...

Assessing the Role of AI in Zero Trust

Leave a Comment Cancel reply

Recent News

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

When Cloud Outages Ripple Across the Internet