All posts tagged "PyPI"
-
2.8KVulnerabilitiesApache Cordova App Harness Targeted in Dependency Confusion Attack
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing...
-
3.8KMalwareLazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of...
-
2.6KMalwareResearchers Uncover Obfuscated Malicious Code in PyPI Python Packages
Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including...
-
3.5KMalwareResearchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems
A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository that are designed...
-
4.7KMalwareResearchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that...
-
3.6KData Security6 official Python repositories plagued with cryptomining malware
Researchers at security firm Sonatype have uncovered six malicious typosquatting packages in the official Python programming language’s PyPI repository, laced with cryptomining malware. Sonatype...
-
1.4KMalwareSeveral Malicious Typosquatted Python Libraries Found On PyPI Repository
As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing...
