searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters

Python

Get our top stories in your inbox

Google delivers secure open source software packages

April 13, 2023

Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …

A closer look at malicious packages targeting Python developers

January 24, 2023

In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique …

Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)

September 22, 2022

Trellix Advanced Research Center published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in …

Phishing PyPI users: Attackers compromise legitimate projects to push malware

August 25, 2022

PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …

Python packages with malicious code expose secret AWS credentials

June 27, 2022

Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and …

Hijacking of popular ctx and phpass packages reveals open source security gaps

May 26, 2022

The Python module “ctx” and a fork of the PHP library “phpass” have recently been modified by an unknown attacker to grab AWS credentials/keys and send …

Attackers employ novel methods to backdoor French organizations

March 21, 2022

An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the …

Malicious Python packages employ advanced detection evasion techniques

November 22, 2021

JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over …

Trojan Source bugs may lead to extensive supply-chain attacks on source code

November 2, 2021

Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …

Panther for AWS allows security teams to monitor their AWS infrastructure in real-time

October 13, 2021

Panther Labs announced Panther for AWS security, a security logging solution designed for AWS security teams. Now, AWS security teams will have a single platform for …

Infoworks 5.0 accelerates and lowers cost of cloud migration and analytics deployment

October 10, 2021

Infoworks announced Version 5.0 – the latest release of the company’s comprehensive software solution for automated cloud migration and enterprise data operations. As …

Researchers discover ransomware that encrypts virtual machines hosted on an ESXi hypervisor

October 7, 2021

Sophos has released details of a new ransomware written in Python that attackers used to compromise and encrypt virtual machines hosted on an ESXi hypervisor. The report …

Posts navigation

1 2 3

Featured news

  • Replace Barracuda ESG appliances, company urges
  • June 2023 Patch Tuesday forecast: Don’t forget about Apple
  • Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition
Spin Up A CIS Hardened Image

Sponsored

The best defense against cyber threats for lean security teams

Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

Security in the cloud with more automation

CISOs struggle with stress and limited resources

Don't miss

Replace Barracuda ESG appliances, company urges

June 2023 Patch Tuesday forecast: Don’t forget about Apple

Introducing the book: Creating a Small Business Cybersecurity Program, Second Edition

Cl0p announces rules for extortion negotiation after MOVEit hack

AI: Interpreting regulation and implementing good practice

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us