Cybersecurity researchers uncovered two malicious Python packages in PyPI that deploy the SilentSync remote access trojan on Windows, Linux, and macOS systems. These packages use sophisticated mechanisms to exfiltrate data, execute commands, and avoid detection, exemplifying the rising threat of software supply chain attacks. #SilentSync #PyPI #SupplyChainAttacks
Key points
- Two malicious packages, sisaws and secmeasure, were uploaded to the PyPI repository by “CondeTGAPIS.”
- SilentSync malware can execute commands, steal browser credentials, take screenshots, and exfiltrate files on multiple operating systems.
- The packages mimic legitimate libraries, using functions that download and execute additional malicious scripts.
- SilentSync achieves persistence by modifying system files on Windows, Linux, and macOS.
- The incident underscores the growing risk of supply chain attacks via public software repositories.
Read More: https://thehackernews.com/2025/09/silentsync-rat-delivered-via-two.html
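A defender's check for the two package names listed above, as an added example that is not code from the researchers or the linked article: it scans a requirements file and the current Python environment for sisaws and secmeasure, comparing names the way PyPI does (PEP 503 normalization). The sample requirements text and its version numbers are constructed for illustration.

```python
import re
from importlib import metadata

# Package names this page reports as malicious.
FLAGGED = {"sisaws", "secmeasure"}

# Leading project name of a requirement line (before extras, specifiers, markers).
_REQ_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")

def normalize(name):
    """PEP 503: names are case-insensitive and runs of -, _, . are equivalent."""
    return re.sub(r"[-_.]+", "-", name).lower()

def flagged_in_requirements(text):
    """Return (line_number, name) for each requirement naming a flagged package."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0]  # drop trailing comments
        if not line.strip() or line.lstrip().startswith("-"):
            continue  # blank line, or a pip option such as -r / --index-url
        m = _REQ_NAME.match(line)
        if m and normalize(m.group(1)) in FLAGGED:
            hits.append((lineno, normalize(m.group(1))))
    return hits

def flagged_installed():
    """Return (name, version) for flagged distributions in this environment."""
    hits = []
    for dist in metadata.distributions():
        name = dist.metadata.get("Name") or ""
        if name and normalize(name) in FLAGGED:
            hits.append((normalize(name), dist.version))
    return sorted(hits)

# Constructed sample requirements file (not taken from the page).
SAMPLE = """\
requests>=2.31
SisaWS==0.0.0   # constructed version number
sec_measure
secmeasure[extra]>=0.0 ; python_version >= "3.8"
# sisaws mentioned only in a comment
-r other.txt
"""

if __name__ == "__main__":
    for lineno, name in flagged_in_requirements(SAMPLE):
        print(f"requirements line {lineno}: {name}")
    for name, version in flagged_installed():
        print(f"installed: {name} {version}")
```

Line 3 of the sample (`sec_measure`) is not reported because it normalizes to a different project name, and the commented-out mention on line 5 is ignored.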