Custom Packages in Python

Python Package Installation Can Trigger Malicious Code

Although there is nothing special about code executing on a machine, the moment when this code is executed is a significant detail from a security standpoint. The Python programming language allows ...

Bleeping Computer

10 malicious PyPI packages found stealing developer's credentials

Threat analysts have discovered ten malicious Python packages on the PyPI repository, used to infect developer's systems with password-stealing malware. The fake packages used typosquatting to ...

InfoWorld

PDM: A smarter way to manage Python packages

Modern Python developers use virtual environments (venvs), to keep their projects and dependencies separate. Managing project dependencies gets more complex as the number of dependencies grows.

CSOonline

Malicious package flood on PyPI might be sign of new attacks to come

The PyPI package flood is just the latest in a string of attacks on public repositories with the intent to plant malicious code. Over the weekend an attacker has been uploading thousands of malicious ...

Dark Reading

Faux ChatGPT, Claude API Packages Deliver JarkaStealer

Two Python packages claiming to integrate with popular chatbots actually transmit an infostealer to potentially thousands of victims. Publishing open source packages with malware hidden inside is a ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results