Malicious Go Binary Delivered via Steganography in PyPI
(blog.phylum.io)
Very cool trick. I've never been comfortable with how Python package installation is effectively arbitrary code execution. It's also a nice reminder that installing packages into a Docker environment is generally safer than going bare ~~back~~ metal.
It is not steganography. It's just `cat original.png trojan > malicious.png`.
See? Hidden in an image, clearly that's steganography! /s
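The trick the thread describes is plain concatenation: the payload sits after the PNG's IEND chunk, where image decoders stop reading. As an added defender's example (not from the post, the blog, or Phylum's tooling), the checker below walks the chunk list, verifies each CRC, and reports whatever follows IEND; the 1x1 sample PNG and the appended "payload" are constructed inline.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def split_png(data: bytes) -> tuple[bytes, bytes]:
    """Walk the chunk list of a PNG and split it right after IEND.

    Returns (png_bytes, trailing_bytes). A clean file has empty trailing
    bytes; a 'cat image.png payload > out.png' file returns the payload.
    Raises ValueError on anything that is not a well-formed PNG.
    """
    if not data.startswith(PNG_SIG):
        raise ValueError("missing PNG signature")
    pos = len(PNG_SIG)
    while True:
        if pos + 8 > len(data):
            raise ValueError("truncated chunk header (no IEND found)")
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 8 + length + 4          # header + body + CRC
        if end > len(data):
            raise ValueError(f"truncated {ctype!r} chunk")
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(data[pos + 4:end - 4]) != crc:   # CRC covers type + body
            raise ValueError(f"bad CRC in {ctype!r} chunk")
        pos = end
        if ctype == b"IEND":
            return data[:pos], data[pos:]


def _chunk(ctype: bytes, body: bytes) -> bytes:
    """Encode one PNG chunk: length, type, body, CRC over type+body."""
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))


# Constructed sample: a valid 1x1 grayscale PNG, then the same file with a fake payload appended.
CLEAN_PNG = (
    PNG_SIG
    + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
    + _chunk(b"IDAT", zlib.compress(b"\x00\x00"))   # filter byte + one pixel
    + _chunk(b"IEND", b"")
)
PAYLOAD = b"<constructed stand-in for an appended binary, not a real executable>"
TROJANED_PNG = CLEAN_PNG + PAYLOAD


def has_appended_data(data: bytes) -> bool:
    """True when bytes follow IEND; most decoders stop there and render the image normally."""
    return len(split_png(data)[1]) > 0


if __name__ == "__main__":
    for name, blob in (("clean", CLEAN_PNG), ("trojaned", TROJANED_PNG)):
        _png, tail = split_png(blob)
        print(f"{name}: {len(tail)} trailing byte(s) after IEND")
```

Truncating the file at the end of IEND (the first element of the returned pair) removes the appended data without touching the image.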