A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.

Codified in PEP 582, Python allows a __pypackages__ directory to contain version-specific editions of packages that can be imported before packages from the base install of Python, or even a venv.

The Python Package Index (PyPI) registry has removed three malicious Python packages aimed at exfiltrating environment variables and dropping trojans on the infected machines. These malicious ...

A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers.

Package installers and management tools — pip in the case of Python — have their own internal package selection logic when faced with two packages of the same name from two different defined ...

Using Python’s index operator [] on a string with a -3 will grab the 3rd character from the end of the string, in this case '<built-in function oct>'[-3] will evaluate to 'c'.

This package, too, mimicked the name of a popular Python library, named "colorama." According to the PyPI Stats service, 54 users had downloaded the package a month before it was taken down.