| by Arround The Web | No comments

Python packages with Malicious Code Expose Secret AWS Credentials

Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and environment variables.

All those credentials and metadata then get uploaded to one or more endpoints, and anyone on the web can see this. Going up a directory level showed hundreds of TXT files containing sensitive information and secret.

The post Python packages with Malicious Code Expose Secret AWS Credentials appeared first on Linux Today.

Share Button

no related pages

Source: Linux Today

Leave a Reply