Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Filter by Categories

Japan Attributes PyPI Supply Chain Cyberattack to North Korea

Japanese cybersecurity officials alerted to a recent supply chain attack by North Korea’s Lazarus Group. The group targeted the PyPI software repository for Python applications. They uploaded Malicious packages such as “pycryptoenv” and “pycryptoconf”, which resembled the legitimate “pycrypto” toolkit. Upon download, users inadvertently install the Comebacker Trojan. There were around 300 to 1,200 packages downloads. This attack is a form of typosquatting.



Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.