Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbedSentinelSneak. The package, namedSentinelOneand now taken down, is said to have been published between December 8 and 11, 2022, with nearly two dozen