Connect with us
Yesterday, following a DMCA complaint from HackerRank, GitHub took down a repository that hosts the official SymPy project documentation website. First released fifteen years ago, SymPy is an open...
An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the attack...
The Python Package Index (PyPI) has removed malware-deploying and data-stealing packages that were collectively downloaded thousands of times. The trio of malicious packages duped unsuspecting users...
UPDATED A tool has been launched with support from Google that scans Python environments for packages with known vulnerabilities. ‘Pip-audit’ leverages the PyPI JSON API to compare dependencies against...
The operators of the Python Package Index (PyPI) have removed this week 11 Python libraries from their portal for various malicious behaviors, including the collection and...
A recently observed attack employed a Python-based ransomware variant to target an organization’s VMware ESXi server and encrypt all virtual disks, Sophos reports. The attack involved the...
TensorFlow, a popular Python-based machine learning and artificial intelligence project developed by Google has dropped support for YAML, to patch a critical code execution vulnerability. YAML or Yet Another...
The Python Package Index (PyPI) registry has removed several Python packages this week aimed at stealing users’ credit card numbers, Discord tokens, and granting code execution capabilities...
WildPressure APT group is now targeting industrial organizations based in the Middle East. The group has been active since 2019, and this time it is using an...
This week, multiple malicious packages were caught in the PyPI repository for Python projects that turned developers’ workstations into cryptomining machines. All malicious packages were published...
Recent Comments