Researchers have discovered a new attack on the Python Package Index (PyPI) repository that uses compiled Python code to sidestep detection by application security tools.
The vulnerability relates to the fshec2 package and its three files -init, main, and full.pyc.
PYC files are compiled bytecode files that are generated by the Python interpreter when a Python program is executed.
This allows malicious code to be loaded instead of being imported into the Python import library.
Loader scripts such as those discovered in the fshell2 package, Zanki said, contain a minimal amount of Python code and perform a simple action: loading of a compiled Python module.
According to the security firm, this exploit leverages the importlib package and the Python binary import file to execute code not present in the .pyc file.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply