Beware: PyPI Package Hijack Installs NovaSentinel Stealer on Windows

1 min read


  • A dormant Python Package Index (PyPI) package named Django-log-tracker was unexpectedly updated to deploy the NovaSentinel stealer malware
  • The malicious update stripped the package to its bare essentials, leaving only an __init__.py and example.py file, both containing identical, malicious code

Researchers identified a cyberattack through the dormant PyPI package Django-log-tracker, which was updated to deploy the NovaSentinel stealer malware. This highlights a significant threat to the software supply chain, emphasizing the need for heightened security measures among developers and organizations. The malware was disguised within the package, triggering concerns about supply chain attacks. The malware is capable of exfiltrating sensitive information from infected Windows systems. Phylum’s prompt detection and reporting led to the removal of the compromised package from PyPI, preventing further downloads and infections.

Previous Story

Beware of Malware: Fake Job Offers from Software Developers

Next Story

Catch the latest Joomla update with many security enhancements

Latest from News