Скачать или смотреть Phishing Campaign Targets PyPI Maintainers with Fake Login Sites

…
The Python Software Foundation warns PyPI users about a new phishing campaign that impersonates the official package index to steal developer credentials.

Attackers are emailing users to "verify their email" or risk suspension, directing them to a fake site at pypi-mirror[.]org designed to steal login information. Victims should reset their PyPI passwords immediately, review their account Security History, and report any suspicious activity.

This campaign follows earlier efforts in July using the pypj[.]org domain and comes shortly after PyPI revoked all tokens compromised during the GhostAction supply chain attack. The main goal of the attackers is to hijack PyPI accounts to publish or replace packages with malware.

To reduce the risk, PyPI emphasizes the need for phishing-resistant authentication methods, such as hardware keys, and urges reporting malicious domains to registrars for removal.


RECOMMENDATIONS:

1. Require maintainers to use phishing-resistant 2FA to enforce strong authentication.

2. Implement phishing awareness training for development teams, stressing the risks of email-based credential harvesting.

…

Visit our blog for more daily Intel ➜ https://cyderes.com/blog

See our newsletter for deeper monthly insights ➜ https://cyderes.com/newsletter

Catch our podcast for brief cyber updates ➜    / @beeverydayready  

Follow our story ➜   / cyderes  

…

#beeverydayready #cybersecurity #cyderes