Information Security Code in the Python

News

Malicious Python packages found stealing data - TechRadar

Someone has been slipping infostealers into Python code repositories since April 2023, stealing people’s sensitive information, login credentials, and cryptocurrency. A report from cybersecurity ...

The Hacker News8d

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.

Infosecurity-magazine.com2y

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...

25d

Nearly half of all code generated by AI found to contain security flaws - even big LLMs affected

Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode has found.

Infosecurity-magazine.com1y

Python Malware Poses DDoS Threat Via Docker API Misconfiguration

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...

Bleeping Computer3y

Popular Python and PHP libraries hijacked to steal AWS keys

Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a heroku app, likely to mine AWS credentials.

Some results have been hidden because they may be inaccessible to you

Show inaccessible results