PyPI Bans Inbox.ru Domains Amid Surge of 1,500+ Fake Package Uploads
The Python Package Index (PyPI), the primary repository for Python software, has enacted an immediate ban on the use of inbox.ru email addresses following...
Malicious Passlib Python Package Forces Windows Shutdowns Through Invalid Inputs
Socket’s Threat Research Team has identified a malicious Python package masquerading as a security solution under the name “psslib.”
Published by a threat actor using...
Threat Actors Abuse Cloudflare Tunnels to Deploy Python Malware on Windows Systems
A sophisticated malware campaign, tracked as SERPENTINE#CLOUD, has been observed leveraging Cloudflare Tunnel infrastructure to orchestrate a complex Python-based attack against Windows systems.
First...
Hackers Infiltrate PyPI Repositories with Weaponized Packages to Steal AWS Tokens and Sensitive Data
Open-source software repositories such as the Python Package Index (PyPI) are integral to modern software development, enabling developers worldwide to seamlessly integrate third-party libraries...
Beware for Instagram Growth Tools That Steal Login Credentials and Send Them to Hackers
A malicious Python package posing as an Instagram growth tool has been uncovered on the Python Package Index (PyPI), targeting unwitting users with credential...
