Warning: session_start(): open(/opt/alt/php82/var/lib/php/session/sess_jsdla3jl2dm6eslsct70vdisgi, O_RDWR) failed: Disk quota exceeded (122) in /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/social-auto-poster/social-auto-poster.php on line 508
Warning: session_start(): Failed to read session data: files (path: /opt/alt/php82/var/lib/php/session) in /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/social-auto-poster/social-auto-poster.php on line 508 Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets - WikDaily
A malicious Python package posing as a harmless add-on for the Chimera sandbox environment, an integrated machine learning experimentation and development tool, is helping threat actors steal sensitive corporate credentials.
According to new research findings from software supply chain and DevOps company JFrog, the package “chimera-sandbox-extensions”, recently uploaded to the popular PyPI repository, contains a stealthy, multi-stage info-stealer.
“The detection of harmful packages, such as chimera-sandbox extensions, on PyPI highlights the significant and widespread risk posed by software supply chain attacks,” said Eric Schwake, director of Cybersecurity Strategy at Salt Security. “The primary threat lies in its ability to collect sensitive developer-related data, including credentials, configuration files, and especially AWS tokens and CI/CD environment variables.”
This poses a direct risk to corporate and cloud infrastructures, enabling attackers to maliciously access and possibly alter or steal large volumes of data through compromised API credentials, Schwake added.
Welcome to WikDaily, your trusted source for the latest news, trends, and insights across the globe. We are a dynamic blog-style news platform committed to delivering fast, accurate, and engaging content across a variety of topics—from breaking headlines to deep dives into tech, business, entertainment, travel, sports, and more.
