PyPI

Follow

Malicious PyPI package impersonates SymPy to deploy XMRig miner

A deceptive package on the PyPI repository has been found impersonating the popular SymPy library. This malicious software targets Linux systems, downloading and executing the XMRig cryptocurrency miner through in-memory techniques. Security researchers have highlighted the risks posed by such supply chain attacks in open-source ecosystems.

This website uses cookies

We use cookies for analytics to improve our site. Read our privacy policy for more information.
Decline