News

CSOonline2y
Malicious package flood on PyPI might be sign of new attacks to come
Over the weekend an attacker has been uploading thousands of malicious Python packages on the public PyPI (Python Package Index) software repository. If executed on a Windows system, these ...
Ars Technica2y
Latest attack on PyPI users shows crooks are only getting better
More than 400 malicious packages were recently uploaded to PyPI (Python Package Index), the official code repository for the Python programming language, in the latest indication that the ...
Infosecurity-magazine.com2y
Two Additional Malicious Python Libraries Found on PyPI Repository
Two more malicious Python packages have been discovered in the Python Package Index (PyPI) repository, days after security researchers from Check Point spotted 10 of them. The two additional packages ...
WeLiveSecurity1y
A pernicious potpourri of Python packages in PyPI
PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can ...
Computer Weekly9mon
PyPI loophole puts thousands of packages at risk of compromise
Thousands of applications that have taken advantage of open source Python Package Index (PyPI) software packages may be at risk of hijacking and subversion by malicious actors, opening up the ...