Name of the Vulnerable Software and Affected Versions SentinelOne (affected versions not specified)

Description Threat actors impersonated SentinelOne by uploading fake software development kits (SDKs) onto PyPI. These SDKs contained fully functional SentinelOne clients but also included malicious backdoors. The backdoors are only executed when called programmatically, not during installation. The malicious packages have been removed from PyPI.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.