searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters

Python

Get our top stories in your inbox

A closer look at malicious packages targeting Python developers

January 24, 2023

In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique …

Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)

September 22, 2022

Trellix Advanced Research Center published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in …

Phishing PyPI users: Attackers compromise legitimate projects to push malware

August 25, 2022

PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …

Python packages with malicious code expose secret AWS credentials

June 27, 2022

Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and …

Hijacking of popular ctx and phpass packages reveals open source security gaps

May 26, 2022

The Python module “ctx” and a fork of the PHP library “phpass” have recently been modified by an unknown attacker to grab AWS credentials/keys and send …

Attackers employ novel methods to backdoor French organizations

March 21, 2022

An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the …

Malicious Python packages employ advanced detection evasion techniques

November 22, 2021

JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over …

Trojan Source bugs may lead to extensive supply-chain attacks on source code

November 2, 2021

Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …

Panther for AWS allows security teams to monitor their AWS infrastructure in real-time

October 13, 2021

Panther Labs announced Panther for AWS security, a security logging solution designed for AWS security teams. Now, AWS security teams will have a single platform for …

Infoworks 5.0 accelerates and lowers cost of cloud migration and analytics deployment

October 10, 2021

Infoworks announced Version 5.0 – the latest release of the company’s comprehensive software solution for automated cloud migration and enterprise data operations. As …

Researchers discover ransomware that encrypts virtual machines hosted on an ESXi hypervisor

October 7, 2021

Sophos has released details of a new ransomware written in Python that attackers used to compromise and encrypt virtual machines hosted on an ESXi hypervisor. The report …

Granulate gProfiler provides support to Graviton processors to improve code quality

September 4, 2021

Granulate announced the latest addition to its gProfiler, which now provides support to Graviton processors. With this new addition to gProfiler, organizations running …

Posts navigation

1 2 3

Featured news

  • We can’t rely on goodwill to protect our critical infrastructure
  • The emergence of trinity attacks on APIs
  • Hybrid cloud storage security challenges
Guide: How virtual CISOs can efficiently extend their services into compliance readiness

Sponsored

eBook: 4 ways to secure passwords, avoid corporate account takeover

Here’s the deal: Uptycs for all of 2023 for $1

2022 Cloud Data Security Report

Don't miss

We can’t rely on goodwill to protect our critical infrastructure

The emergence of trinity attacks on APIs

Hybrid cloud storage security challenges

Vulnerability in Cisco industrial appliances is a potential nightmare (CVE-2023-20076)

Video walkthrough: Cybertech Tel Aviv 2023

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us