Tag: Python Package Index

Here you will find all the articles with the tag: Python Package Index.

New malicious packages found in Python Package Index repository

A threat actor has uploaded three malicious packages to the PyPI (Python Package Index) repository. The packages reportedly drop info-stealing malware on developers' systems. The threat is significant, according to BleepingComputer, as PyPI is the most widely used repository for Python package...

Date: 1 year ago

Researchers find malicious info-stealing packages in PyPI

Security firm Phylum discovered six malicious packages on the Python Package Index (PyPI). The packages installed info-stealing RAT (remote access trojan) malware using Cloudflare Tunnel to bypass firewalls. The packages attempted to steal sensitive user information from browsers, run shell comm...

Date: 1 year ago

Half of Python Libraries in Package Index have security issues

Researchers in Finland have examined the open-source software libraries in the Python Package Index and found that it is riddled with security issues. The researchers found that PyPI, as it is popularly known, has potentially vulnerable code in nearly half the index. The research was published i...

Date: 3 years ago

Python Package Index purges 3,653 malicious libraries

Just days after a security weakness in the use of private and public registries was highlighted, the Python Package Index, also known as PyPI, has removed 3,653 malicious packages that were uploaded when the security flaw was highlighted. PyPI is used by Python developers to add software librari...

Date: 3 years ago