Malicious Python libraries stealing OpenPGP and SSH keys:
– Look for python3-dateutil, and jeIlyfish.
– Both modules try to exfiltrate SSH/OpenPGP keys and send them to an IP address.
– This is the third time the PyPI team intervenes to remove typo-squatted malicious Python libraries from the official repository.
@infosechandbook Interesting. Would that exfiltration be possible if your keys are stored solely on a Yubikey?
Mastodon.ART — Your friendly creative home on the Fediverse! Interact with friends and discover new ones, all on a platform that is community-owned and ad-free. Admin: @Curator. Moderators: @EmergencyBattle, @ScribbleAddict, @TapiocaPearl, @Otherbuttons, @katwylder