Check Point Software Technologiesは6月16日(米国時間)、「PyPI Suspends New Registrations After Malicious Python Script Attack」において、PyPI (Python Package ...

ReversingLabsはこのほど、「When byte code bites: Who checks the contents of compiled Python files?」において、PyPI (Python Package ...

PythonパッケージのアップロードプラットフォームであるPython Package Index(PyPI)を運営するPython Software Foundation(PSF)が、2023年3月から4月にかけて、アメリカ司法省からユーザーデータを要求する召喚状を3回発行されたことを明らかにしました。PSFはこの召喚状に ...

ESETは12月12日(現地時間)、「A pernicious potpourri of Python packages in PyPI」において、公式Pythonパッケージリポジトリ「PyPI」にWindowsおよびLinux環境を標的とする悪意のあるPythonプロジェクトのクラスタを発見したとして、注意を喚起した。 53のプロジェクトから116個 ...

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...

Researchers have discovered malware peddlers advertising an info-stealer out in the open on the Python Package Index (PyPI) — the official, public repository for the Python programming language — with ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...

A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that closely imitate three popular open-source tools: vConnector, ...

On Friday, the Python Package Index (PyPI), the official repository of third-party open-source Python projects announced plans to mandate two-factor authentication requirement for maintainers of ...

Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection. According to ReversingLabs reverse engineer Karlo Zanki, this could be the first ...