ZDNet

Developers, watch your code: Official Python repository spread malicious projects

PyPI is the official Python Package Index that currently contains 500,972 projects, 5,228,535 million releases, 9,950,103 million files, and 770,841 users. PyPI helps users locate and install software ...
TechRadar

Credit card-stealing malware found in official Python repository

Cybersecurity researchers have once again found malicious packages lurking in Python’s official repository, PyPI. According to estimates from the security research team at DevOps specialists JFrog, ...
Ars Technica

10 malicious Python packages exposed in latest repository attack

I would really appreciate if some companies worked together to curate a repository of the most often used packages. We are using open source software in our company, yet instead of paying a security ...
TechRadar

Python libraries are being attacked for AWS keys

When a GitHub repository that hasn’t been touched for almost a decade suddenly gets an “update”, users should be wary, as it might just be a hostile takeover with the intention of distributing viruses ...
Zawya

ESET Research: Official Python repository served cyberespionage backdoor

ESET Research discovered 116 malicious packages in PyPI, the official repository of software for the Python programming language, uploaded across 53 projects. Victims have downloaded these packages ...
TechRepublic

Microsoft Introduces Python in Excel

Some members of the Microsoft 365 Insiders program can now try out the combination of Python's data analysis and visualization libraries, Excel's features and the Anaconda Python repository. Image: ...
Ars Technica

Ahoy, there’s malice in your repos—PyPI is the latest to be abused

Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found ...