PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
22 November 2024
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer.
The packages, named gptplus and claudeai-eng, were uploaded by a user named "Xeroline" in November 2023, attracting