News

Python devs targeted with dangerous phishing attacks - here's how to stay safe
Developers who published projects on PyPI with their email in package metadata are being targeted They are asked to "verify" ...
Anaconda raises $150M+ to speed up Python-based AI projects
According to the company, Insight Partners led the investment with participation from Mubadala Capital. Bloomberg reported ...
Hosted on MSN3mon
Malicious Python packages are stealing vital data, and have been ... - MSN
Furthermore, this package doesn’t even try to hide its true intentions, and instead is “openly malicious”. Despite being obvious malware, it still managed to rake in 37,217 downloads.
Bleeping Computer3y
PyPi python packages caught sending stolen AWS keys ... - BleepingComputer
Sonatype analysts J. Cardona and C. Fernandez figured that the packages 'loglib-modules' and 'pygrata-utils' were created for data exfiltration, snatching AWS credentials, network interface ...
CSOonline10mon
Fake recruitment campaign targets developers using trojanized Python ...
The latest such campaign was uncovered by researchers from ReversingLabs and involves malicious code hidden in compiled Python files (PYC) that were part of a fake test project given to job ...
ZDNet6y
Twelve malicious Python libraries found and removed from PyPI
This package, too, mimicked the name of a popular Python library, named "colorama." According to the PyPI Stats service, 54 users had downloaded the package a month before it was taken down.
TechRadar3mon
Malicious Python packages are stealing vital data, and have been ...
Furthermore, this package doesn’t even try to hide its true intentions, and instead is “openly malicious”. Despite being obvious malware, it still managed to rake in 37,217 downloads.