SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
Sep 18, 2025 | Ravie Lakshmanan | Malware / Supply Chain Attack

What’s new
Two malicious packages, sisaws and secmeasure, were discovered on the Python Package Index (PyPI) that deliver a remote access trojan (RAT) named SilentSync. The malware is capable of remote command execution, file exfiltration, and screen capturing; it specifically targets Windows systems but also has functionality for Linux and macOS. The packages have been removed from PyPI.
Who’s affected
Python developers who downloaded and used the malicious packages sisaws (201 downloads) and secmeasure (627 downloads) are at risk. The malware can harvest sensitive data from web browsers and execute commands on infected systems.
What to do
- Audit your systems for the presence of the malicious packages sisaws and secmeasure.
- Remove any instances of these packages and monitor for unusual activity on affected systems.
- Implement security measures to prevent the installation of unverified packages from public repositories.
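One way to carry out the audit step, as an added example that is not part of the original article: it matches the two package names from the advisory against installed distribution metadata and against requirements-file text. It matches by name only, and the sample requirements text and its version pins are constructed.

```python
import re
from importlib import metadata

# Package names as given in the advisory above.
FLAGGED = {"sisaws", "secmeasure"}
REQ_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")

def normalize(name):
    """PEP 503 normalization: lowercase; runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def installed_hits(paths=None):
    """Return sorted (name, version, location) for flagged installed distributions.

    paths: list of site-packages directories to inspect (e.g. other virtualenvs);
    None inspects the running interpreter's sys.path.
    """
    dists = metadata.distributions(path=paths) if paths else metadata.distributions()
    hits = set()
    for dist in dists:
        try:
            name = dist.metadata.get("Name")
            if name and normalize(name) in FLAGGED:
                hits.add((normalize(name), str(dist.version), str(dist.locate_file(""))))
        except Exception:
            continue  # unreadable metadata (e.g. leftover empty dist-info): skip it
    return sorted(hits)

def requirement_hits(text):
    """Return (line_number, line) for requirements lines that name a flagged package."""
    hits = []
    for number, line in enumerate(text.splitlines(), 1):
        match = REQ_NAME.match(line.split("#", 1)[0])  # ignore trailing comments
        if match and normalize(match.group(1)) in FLAGGED:
            hits.append((number, line.strip()))
    return hits

if __name__ == "__main__":
    # Constructed sample requirements file; the version pins are made up.
    sample = "requests==2.32.0\nSisAWS==0.0.1  # constructed pin\n-r base.txt\nsecmeasure\n"
    for name, version, where in installed_hits():
        print(f"INSTALLED {name} {version} in {where}")
    for number, line in requirement_hits(sample):
        print(f"REQUIREMENTS line {number}: {line}")
```

Pass each virtualenv's site-packages directory to installed_hits() to cover environments other than the one running the script.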