Mastodawn

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs

Malicious Python packages on PyPI were found to be secretly delivering a new malware called ZiChatBot, which uses Zulip APIs to receive instructions. These seemingly harmless packages covertly dropped malicious components, highlighting the importance of vigilance when downloading code from public repositories.

https://osintsights.com/pypi-packages-deliver-zichatbot-malware-via-zulip-apis?utm_source=mastodon&utm_medium=social

#MalwareOperations #ZichatbotMalware #Pypi #ZulipApis #SupplyChain

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs

Discover how PyPI packages delivered ZiChatBot malware via Zulip APIs and learn how to protect yourself from similar threats - read the full report now.

OSINTSights

Analyst207 May 6

OceanLotus Exploits PyPI to Deliver ZiChatBot Malware

Kaspersky's analysis uncovered a sneaky malware attack on PyPI, where OceanLotus hackers uploaded fake packages that looked like harmless libraries, tricking users into installing the ZiChatBot malware. The malicious packages, uploaded in July 2025, masqueraded as legitimate tools like uuid32-utils, colorinal, and termncolor.

https://osintsights.com/oceanlotus-exploits-pypi-to-deliver-zichatbot-malware?utm_source=mastodon&utm_medium=social

#Oceanlotus #Pypi #ZichatbotMalware #MalwareOperations #EmergingThreats

OceanLotus Exploits PyPI to Deliver ZiChatBot Malware

Learn how OceanLotus exploits PyPI to deliver ZiChatBot malware via malicious packages, and protect your projects from similar threats today with expert insights.

OSINTSights