Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
25 March 2023
The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and exfiltrate credentials and other valuable data. It has since been taken down, but not before attracting 183 downloads.