Malicious 'requests-darwin-lite' Package Targets Mac Users, UK Banks Hit by Data Breach

May 14, 2024
Malicious 'requests-darwin-lite' Package Targets Mac Users, UK Banks Hit by Data Breach
  • Cybersecurity researchers discovered a deceptive Python package named 'requests-darwin-lite' on PyPI that camouflages a Sliver C2 framework inside a logo image to target macOS systems.

  • The malicious package employs steganography to execute commands on macOS after installation, revealing the sophistication of current cyber attacks.

  • With 417 downloads before removal, 'requests-darwin-lite' demonstrates how open-source repositories can be exploited to distribute malware.

  • The incident with 'requests-darwin-lite' coincides with IntelBroker's report of sensitive data breaches at Barclays and HSBC, attributed to a third-party contractor cyber attack.

  • These events underscore the critical need for enhanced security measures in open-source software distribution and third-party vendor management to protect against cyber threats.

Summary based on 3 sources


Get a daily email with more Tech stories

Related Stories