News

CSOonline2y
Attackers use Python compiled bytecode to evade detection
Attackers who are targeting open-source package repositories like PyPI (Python Package Index) have devised a new technique for hiding their malicious code from security scanners, manual reviews ...
Bleeping Computer2y
Python info-stealing malware uses Unicode to evade detection
A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from ...
Infosecurity-magazine.com2y
Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
According to ReversingLabs reverse engineer Karlo Zanki, this could be the first instance of a supply chain attack capitalizing on the direct execution capability of Python byte code (PYC) files. The ...
Bleeping Computer2y
Unpatched 15-year old Python bug allows code ... - BleepingComputer
A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than 350,000 open-source repositories and can lead ...