News

New Python language libraries with end-to-end integrity help organizations build software safer and more efficiently. KIRKLAND, Wash., May 14, 2025 /PRNewswire/ -- Chainguard, the secure ...
Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a Heroku app, likely to mine AWS credentials.
Now Google is making a $350,000 donation to support some Python Software Foundation (PSF) projects that aim to improve the supply-chain security of the Python ecosystem.
According to researchers at JFrog, a software supply chain platform, there are more than 22,000 deleted packages on PyPI that are vulnerable to the Revival Hijack attack, and some of them quite ...
Zanki said it coincides with an increase in harmful submissions to the Python Package Index (PyPI).