PondRAT malware, linked to North Korean hackers, was found hidden in Python packages on PyPI, targeting software developers. It allows remote access to infected machines, posing a serious threat to supply chains by compromising development environments. The malware’s similarities to the Gleaming Pisces (aka Lazarus Group) tools highlight increasing risks in the open-source ecosystem. Though the infected packages were removed, the attack underscores the need for stronger security practices in managing third-party code.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox