PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that some maintainers of...
A dozen malicious PyPI packages have been discovered installing malware that modifies the Discord client to become an information-stealing backdoor and stealing data from web browsers...
A dozen malicious Python packages were uploaded to the PyPI repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server....
On Friday, the Python Package Index (PyPI), the official repository of third-party open-source Python projects, announced plans to mandate a two-factor authentication requirement for maintainers of “critical” projects....
Security researchers are warning that hackers can abuse online programming learning platforms to remotely launch cyberattacks, steal data, and scan for vulnerable devices, simply by using...
The Django project, an open source Python-based web framework, has patched a high severity vulnerability in its latest releases. Tracked as CVE-2022-34265, the potential SQL Injection vulnerability exists in Django’s...
Sonatype researchers have discovered Python packages that contain malicious code that peeks into and exposes secret AWS credentials, network interface information, and environment variables. All...
PyPI packages ‘keep,’ ‘pyanxdns,’ ‘api-res-py’ were found to contain a backdoor due to the presence of a malicious ‘request’ dependency within some versions. For example, while most versions of ‘keep’...
Yesterday, developers took notice of two hugely popular Python and PHP libraries, respectively, ‘ctx’ and ‘PHPass’ that had been hijacked, as first reported in the news by BleepingComputer. Both...
PyPI module ‘ctx’ that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer’s environment...