TechRadar

Python developers targeted with fake PyPl packages

Another day, another malicious package being discovered on the Python Package Index (PyPI) repository. Ax Sharma, a cybersecurity researcher from Sonatype, found a typosquatted version of the ...
Ars Technica

10 malicious Python packages exposed in latest repository attack

Researchers have discovered yet another set of malicious packages in PyPi, the official and most popular repository for Python programs and code libraries. Those duped by the seemingly familiar ...
InfoWorld

Software bill-of-materials docs eyed for Python packages

Python enhancement proposal would incorporate SBOM documents in Python packages as a way to improve dependency tracking and vulnerability analysis. Software bill-of-materials (SBOM) documents would be ...
TechRadar

Malicious Python packages are stealing vital data, and have been downloaded thousands of times already

Researchers found three malicious PyPI packages, two targeting bitcoin developers, and one WooCommerce stores Two are designed to steal data, and the third to test for valid credit cards All three ...
ZDNet

Two malicious Python libraries caught stealing SSH and GPG keys

The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were caught stealing SSH and GPG keys from the projects of infected developers. The two libraries ...
Ars Technica

Highly invasive backdoor snuck into open source packages targets developers

Highly invasive malware targeting software developers is once again circulating in Trojanized code libraries, with the latest ones downloaded thousands of times in the last eight months, researchers ...
TechRepublic

Python Metaclass Tutorial with Examples

Python, known for its simplicity and readability, is a versatile programming language used in various domains including web development, scientific computing, artificial intelligence and more. One of ...