#pypi hasil pencarian
🚨 We discovered two malicious Python packages in #PyPI repository that remained undetected for over a year. These packages mimicked tools for working with popular AI language models (#ChatGPT and #Claude), silently exfiltrating data and compromising developer environments.…
PyPI serves billions of requests daily- but sustaining it isn’t free. The PSF joined the OpenSSF & others in calling for organizations to invest in sustainable open infrastructure. Learn what this means for #PyPI, the PSF, & how our community can pitch in: pyfound.blogspot.com/2025/10/open-i…
I was annoyed of having to write README files for my projects. So I went ahead and created a CLI tool to auto-generate README files for any project regardless of programming language! 📜✨ It creates a comprehensive README based on your project. Check it out on #PyPI and #npm
#OceanLotus #APT32 #PyPi uuid32_utils-1.x.x-py3-none-win32.whl cf3f59e2c4c8767697ea46475171697c 91a476fea45abc8b208e0a9e3293f774 a7a0add66b205967562c1fa9643b8421 22538214a3c917ff3b13a9e2035ca521 02f4701559fc40067e69bb426776a54f 5598baa59c716590d8841c6312d8349e Backward.dll…
How do you optimize package delivery for 950,000+ Python developers? Check out how we're using Individual Provider Anycast to power platforms like @PyPI, where small improvements × billions of requests = massive impact! fastly.com/blog/powering-… #fastforward #pypi
⚠️🧵 RL threat researchers detected an impersonation attempt targeting a popular #PyPI cloudscraper package with more than 50M downloads. It has the suffix "safe" added, but it is all but safe: secure.software/pypi/packages/…
"Fake recruiter coding tests target devs with malicious Python packages" published by ReversingLabs. #Lazarus, #PyPI, #VMConnect, #DPRK, #CTI reversinglabs.com/blog/fake-recr…
It's been a busy day for us! ⚠️🧵 RL's automated detection system flagged a new malicious #PyPI package: secure.software/pypi/packages/… While name would suggest this is a ChatGPT related project, it actually contains a #malware loader.
🚨Over 22k packages are vulnerable (or over 120k by looser measurement) to a new #SoftwareSupplyChain attack vector: Hijacking abandoned #PyPI packages. Potentially critical for orgs relying on abandoned packages, learn more about our team's discovery: jfrog.co/4gpsbUH
A new supply chain attack on PyPI is delivering SilentSync, a Python RAT. The malware steals credentials and files from developers' systems. #PyPI #SupplyChainAttack #Python #Malware #Cybersecurity securityonline.info/pypi-under-att…
New supply-chain attacks hit open-source repos: #PyPI: termncolor & colorinal delivered multi-stage malware with Windows & Linux backdoors. #npm: packages redux-ace,rtk-lo posed as dev tools & job tests, stealing iCloud Keychain, browser data, wallets: thehackernews.com/2025/08/malici…
"揭秘APT-C-26(Lazarus)组织利用PyPI对Windows、Linux和macOS平台的攻击行动" published by Qihoo360. #APT-C-26, #PyPI, #CTI, #OSINT, #LAZARUS mp.weixin.qq.com/s?__biz=MzUyMj…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain dlvr.it/TMkqLV #PyPI #Phishing #CyberSecurity #EmailScam #Python
#NPM: New Supply Chain #Malware Hits NPM and #PyPI Package Ecosystems. #ReactNative-Aria & #GlueStack packages with cumulative 1mln+ weekly downloads backdoored overnight - check your dependencies! #SoftwareSupplyChainSecurity 👇 thehackernews.com/2025/06/new-su…
This is done by Termspark 🔥 Text blink, italic text and more styles support on next release (1.7.0) Wait for it! #python #pypi #opensource
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages dlvr.it/TJjKS9 #Python #PyPI #SoftwareDevelopment #OpenSource #SupplyChainSecurity
🚨Over 22k packages are vulnerable (or over 120k by looser measurement) to a new #SoftwareSupplyChain attack vector: Hijacking abandoned #PyPI packages. Potentially critical for orgs relying on abandoned packages, learn more about our team's discovery: jfrog.co/4gpsbUH
Exciting news for developers! 🚀 Just added jupyterlab-nbpath to PyPI!💻 This tool simplifies notebook navigation in JupyterLab. Check it out on PyPI: pypi.org/project/jupyte… #DeveloperTools #Python #PyPI
PyPI serves billions of requests daily- but sustaining it isn’t free. The PSF joined the OpenSSF & others in calling for organizations to invest in sustainable open infrastructure. Learn what this means for #PyPI, the PSF, & how our community can pitch in: pyfound.blogspot.com/2025/10/open-i…
🔖 Zenn過去記事投稿 自分だけのライブラリを作ってみよう! 【Pythonで自分だけのクソライブラリを作る方法】 ✅ PyPIへの公開手順を解説 ✅ パッケージ構成のベストプラクティス ✅ 実用的なライブラリ開発のコツ #Python #ライブラリ開発 #PyPI #OSS zenn.dev/karaage0703/ar…
#npm, #PyPI, and #RubyGems Packages Found Sending #Developer Data to #Discord Channels ift.tt/STKr63H
🎉 Launched my first package on #PyPI C-based HTTP client for #Python that mimics browser #fingerprint to bypass SSL blocks. ✅ Python 3.8-3.14 ✅ Linux, Windows, macOS ✅ 270 test cases ✅ requests compatible PyPI: pypi.org/project/httpmo… Github: github.com/arman-bd/httpm…
Don't be surprised if you have crashing issues with xformers 0.0.33.dev1085. Stick to the dev1083 release for now, would be my recommendation, unless you know better. #xformers #Python #pypi #PythonLibraries #Attention #GenerativeAI #AIcoding
🚨 A malicious #PyPI package, #soopsocks, has already infected 2,600+ systems. Get the breakdown on how it works, the red flags to watch for, and steps to prevent similar #SoftwareSupplyChain threats, research powered by JFrog. 🔗 Learn more: bit.ly/48dS1cx
The malicious PyPI package SoopSocks masqueraded as a SOCKS5 proxy but secretly installed a Go-based backdoor with SYSTEM privileges, leaking system data to a Discord webhook. #SoopSocks #PyPI #SupplyChain #Backdoor #Cybersecurity securityonline.info/backdoor-disgu…
🚨 Developers, a malicious PyPI package 'soopsocks' infected over 2,600 systems before being taken down! Check your dependencies and stay vigilant against supply chain attacks. #PyPI #Cybersecurity thehackernews.com/2025/10/alert-…
The #HuggingFace hosted models are added to the 🦉🫥 PDF Anonymizer (see the #PyPi pdf-anonymizer-cli). I'm adding more LLM options. #anonymizer
🚨 Alert: Malicious PyPI package soopsocks infected 2,653 systems before takedown. Python developers, update & audit dependencies now! ⚠️ #CyberSecurity #PyPI #Malware #SupplyChainAttack
Malicious PyPI package `soopsocks` infected 2,653 Windows systems with backdoors disguised as a SOCKS5 proxy. Takedown initiated! 🚨 thehackernews.com/2025/10/alert-… #PyPI #Malware #Cybersecurity #Soopsocks #WindowsSecurity
Malicious #PyPI package #soopsocks (2,653 downloads) posed as a SOCKS5 proxy but deployed a Go executable with PowerShell payloads. It modified firewall rules, established persistence, and exfiltrated data via a Discord webhook.
🚨 We discovered two malicious Python packages in #PyPI repository that remained undetected for over a year. These packages mimicked tools for working with popular AI language models (#ChatGPT and #Claude), silently exfiltrating data and compromising developer environments.…
💣 Among others, @sekoia_io discovered yesterday 55 #PyPI malicious packages pushed by the same Threat actor. It's not the first time that we are seeing this actor pushing this kind of malicious packages. PyPI contacted and packages removed 👌 Related packages and IoCs below ↘️
#PyPI 上に悪意のあるパッケージが6つ見つかりました。背後にいる攻撃者は #W4SP の攻撃を模倣し、ユーザークレデンシャル、暗号ウォレット データなどを窃取していました。オープンソース エコシステムに台頭しつつある脅威の動向を解説します。 bit.ly/44CjShk
⚠️🧵 RL researchers detected a new malicious campaign targeting #PyPI users. Several packages are pretending to be "time" related utilities, but are actually used to steal sensitive data like cloud tokens.
I was annoyed of having to write README files for my projects. So I went ahead and created a CLI tool to auto-generate README files for any project regardless of programming language! 📜✨ It creates a comprehensive README based on your project. Check it out on #PyPI and #npm
Looking back at 2023 @mikefiedler discovered some impressive metrics that we want to share! @fastly #PyPI #pytho
How do you optimize package delivery for 950,000+ Python developers? Check out how we're using Individual Provider Anycast to power platforms like @PyPI, where small improvements × billions of requests = massive impact! fastly.com/blog/powering-… #fastforward #pypi
What are some suspicious attributes of code packages? These can include no associated #GitHub repo, limited downloads or a malicious code pattern. We break down the discovery of six malicious packages found on the popular #PyPI repository. bit.ly/44Bdgjl
#Python: #PyPI temporarily shuts down new project creation and new user registration to mitigate an ongoing #malware upload campaign:
🔍Researchers have discovered a concerning surge in deceptive #npm and #PyPI packages distributed as part of a malicious campaign, aimed at extracting #Kubernetes configurations and #SSH keys. Read more👇 socradar.io/new-campaign-d… #cybersecurity #devops #supplychain #datatheft
Malicious packages disguised as legitimate software pose a threat to #cloud systems. Our new research spotlights a technical analysis of six packages meant for #CredentialStealing, personal data stealing and more found in the Python Package Index (#PyPI). bit.ly/44Bdgjl
⚠️🧵 RL threat researchers detected an impersonation attempt targeting a popular #PyPI cloudscraper package with more than 50M downloads. It has the suffix "safe" added, but it is all but safe: secure.software/pypi/packages/…
#OceanLotus #APT32 #PyPi uuid32_utils-1.x.x-py3-none-win32.whl cf3f59e2c4c8767697ea46475171697c 91a476fea45abc8b208e0a9e3293f774 a7a0add66b205967562c1fa9643b8421 22538214a3c917ff3b13a9e2035ca521 02f4701559fc40067e69bb426776a54f 5598baa59c716590d8841c6312d8349e Backward.dll…
#PyPI A good blog post with analysis of #malicious #Python packages in PyPI by the @eset research team: #SoftwareSupplyChainSecurity 👇 welivesecurity.com/en/eset-resear…
Is it possible to encounter #malware on #PyPI? Learn how CloudGuard Spectralops.io - A Check Point Solution detected a malicious package on the leading #Python repository: bit.ly/3Zgo5V7
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages dlvr.it/TJjKS9 #Python #PyPI #SoftwareDevelopment #OpenSource #SupplyChainSecurity
Something went wrong.
Something went wrong.
United States Trends
- 1. Carson Beck 3,763 posts
- 2. Miami 60.9K posts
- 3. Vandy 12.8K posts
- 4. Mario 65K posts
- 5. Clemson 11.9K posts
- 6. Lagway 1,552 posts
- 7. #UFCVegas110 4,218 posts
- 8. Jeff Sims 1,374 posts
- 9. Georgia 40.2K posts
- 10. Jaire 1,381 posts
- 11. Texas 115K posts
- 12. Ohio State 17.8K posts
- 13. Dabo 3,030 posts
- 14. Jeremiah Smith 9,338 posts
- 15. Dawson 4,743 posts
- 16. Jacob Rodriguez N/A
- 17. Vanderbilt 10.4K posts
- 18. #iufb 1,332 posts
- 19. Julian Sayin 7,251 posts
- 20. Pavia 4,661 posts