Recently identified PyPI packages called “netfetcher” and “pyfetcher” impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of these executables are called “node.exe” and even bear the NodeJS icon and metadata, making them evasive and easily mistaken for legitimate libraries.

*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Ax Sharma. Read the original post at: https://www.sonatype.com/blog/pyfetcher-netfetch-drop-netflix-checker-on-windows