Checkmarx Zero, the research arm of Checkmarx, has uncovered a new wave of malicious Python packages infiltrating the popular PyPI repository. These packages, disguised as helpful tools for cryptocurrency wallet...
In a recent report by Imperva Threat Research, malicious actors have been found exploiting the Python Package Index (PyPI) to target players of the popular online game Roblox, specifically those...
The JFrog security research team has uncovered a novel PyPI package hijacking method known as “Revival Hijack,” which has put over 22,000 packages at risk of exploitation. Unlike traditional typosquatting...
The FortiGuard Labs team has uncovered a series of malicious packages lurking within the Python Package Index (PyPI), the official repository for Python software packages. These malicious packages, including the...
In a recent investigation, ReversingLabs researchers uncovered a malicious open-source package on the Python Package Index (PyPI) called xFileSyncerx, which contained dangerous “wiper” components. With close to 300 downloads, this...
The Phylum Research Team has uncovered a sophisticated attack targeting the Python Package Index (PyPI), a popular repository for Python software packages. The malicious package, dubbed “requests-darwin-lite,” disguised as a...
The Python Package Index (PyPi), a vital repository for open-source software, has taken the drastic step of temporarily halting new user registrations and project creation. This unprecedented move comes in...
Security researchers warn of a new wave of malicious Python packages uploaded to PyPI, the official Python repository. This attack, attributed to the infamous Lazarus hacking group, leverages a dangerous...
A recent ESET research study has shed light on a disturbing development in the Python Package Index (PyPI), the official repository for the Python programming language. The study uncovers a...
In recent developments, a new digital adversary is lurking in the open-source realm, targeting unsuspecting developers and platforms such as Telegram, AWS, and Alibaba Cloud. This threat, uncovered by Checkmarx...
The Python Package Index recently declared that all project maintainers publishing software on the official PyPI third-party software repository must bind 2FA verification by the end of this year, or...
Support Securityonline.info site. Thanks!
