Fortinet Inc.'s FortiGuard Labs has discovered two malicious Python packages that pose a high risk of credential theft, data exfiltration, and unauthorized system access.
The first vulnerability, Zebo-0.1.0, exhibits sophisticated malware behavior, including keylogging, screen capturing, and data exfiltration to remote servers.
The second vulnerability, Cometlogger-0.1, targets system credentials and user data, evades detection, and can steal a wide array of user data.
To prevent infection, it is recommended to verify third-party scripts, implement firewalls and intrusion detection systems, and train employees to recognize phishing attempts.