Malicious Python package collects AWS credentials via 37,000 downloadsA malici

1. Malicious Python package collects AWS credentials via 37,000 downloads
2. A malicious Python package called "Fabrice" that’s been live on PyPI since 2021 has been typosquatting the popular Fabric SSH automation library, quietly exfiltrating AWS credentials by making more than 37,000 downloads.
3. The Socket Research Team said in a Nov. 6 post that the legitimate Fabric library has more than 201 million downloads and has earned the trust of developers worldwide. Fabric operates as a high-level Python (2.7, 3.4+) library that executes shell commands remotely over SSH, yielding useful Python objects in return.
4. for more:https://cuty.io/m4AFjod9mDo
5.