← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malicious PyPI and npm Packages Exploits Dependencies in Supply Chain Attacks
A malicious PyPI package named termncolor was discovered which introduces
persistence and remote code execution via its dependency colorinal.
Indicators of Compromise (1 / 13 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-SHA1 | eaf634c72b2169f15c85fe004a06b3c646d08cc9 | SHA1 of af46c7917f04a9039eb0b439a7615ec07b7ad88048cb24fe23c454c16dffcd57 | 2025-08-18 |