TechSpot

More than 100,000 GitHub repositories found spreading malicious packages

Facepalm: GitHub serves as a colossal hub for software development, hosting nearly half a billion code projects created by hundreds of millions of developers worldwide. Given its extensive reach and ...
TechRadar

Hackers hijack Python packages once again to spread dangerous malware

Hackers are once again targeting Python developers involved in the blockchain industry in an attempt to distribute malware and steal tokens. A new report from cybersecurity researchers at Checkmarx ...
TechRadar

Malicious Python packages found stealing data - here's how to stay safe

Someone has been slipping infostealers into Python code repositories since April 2023, stealing people’s sensitive information, login credentials, and cryptocurrency. A report from cybersecurity ...
WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
CSOonline

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious artifacts under GitHub’s own name. A ...
Ars Technica

10 malicious Python packages exposed in latest repository attack

Researchers have discovered yet another set of malicious packages in PyPi, the official and most popular repository for Python programs and code libraries. Those duped by the seemingly familiar ...
InfoWorld

6 ways to package Python apps for re-use

Do you have a Python application you want to give to the world, or at least your teammates? Here are six ways to package Python applications for distribution. Python’s explosive growth over the last ...