Hackers Disguise Themselves As StackOverflow Users To Distribute Malware Via Answers

Cybercriminals are exploiting Stack Overflow to spread malware by answering questions with a link to a malicious PyPi package that installs Windows information-stealing software. Sonatype researcher Ax Sharma discovered that the new PyPi package, named 'pytoileur,' is part of the 'Cool package' campaign targeting Windows users. Uploaded over the weekend, 'pytoileur' was falsely presented as an API management tool and contains the "Cool package" string in its metadata. Read more...