Hacker News
- Software downloaded 30k times from PyPI ransacked developers’ machines https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ 7 comments
- Software downloaded 30,000 times from PyPI ransacked developers’ machines https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ 30 comments python
- Software downloaded 30,000 times from PyPI ransacked developers’ machines https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ 9 comments technology
Linking pages
- When will we learn? https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html 183 comments
- Malware downloaded from PyPI 41,000 times was surprisingly stealthy | Ars Technica https://arstechnica.com/information-technology/2021/11/malware-downloaded-from-pypi-41000-times-was-surprisingly-stealthy/ 90 comments
- Latest attack on PyPI users shows crooks are only getting better | Ars Technica https://arstechnica.com/information-technology/2023/02/451-malicious-packages-available-in-pypi-contained-crypto-stealing-malware/ 32 comments
- 10 malicious Python packages exposed in latest repository attack | Ars Technica https://arstechnica.com/information-technology/2022/08/10-malicious-python-packages-exposed-in-latest-repository-attack/ 3 comments
- Malicious NPM packages are part of a malware “barrage” hitting repositories | Ars Technica https://arstechnica.com/information-technology/2021/12/malicious-packages-sneaked-into-npm-repository-stole-discord-tokens/ 0 comments
Linked pages
- Python developers are being targeted with malicious packages on PyPI https://jfrog.com/blog/malicious-pypi-packages-stealing-credit-cards-injecting-code/ 274 comments
- Devs unknowingly use “malicious” modules snuck into official Python repository | Ars Technica https://arstechnica.com/information-technology/2017/09/devs-unknowingly-use-malicious-modules-put-into-official-python-repository/ 166 comments
- Widely used open source software contained bitcoin-stealing backdoor | Ars Technica https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/ 49 comments
- Supply-chain attack hits RubyGems repository with 725 malicious packages | Ars Technica https://arstechnica.com/information-technology/2020/04/725-bitcoin-stealing-apps-snuck-into-ruby-repository/ 18 comments
- New type of supply-chain attack hit Apple, Microsoft and 33 other companies | Ars Technica https://arstechnica.com/information-technology/2021/02/supply-chain-attack-that-fooled-apple-and-microsoft-is-attracting-copycats/ 14 comments
- Ahoy, there’s malice in your repos—PyPI is the latest to be abused | Ars Technica https://arstechnica.com/gadgets/2021/06/counterfeit-pypi-packages-with-5000-downloads-installed-cryptominers/ 13 comments
- A new type of supply-chain attack with serious consequences is flourishing | Ars Technica https://arstechnica.com/gadgets/2021/03/more-top-tier-companies-targeted-by-new-type-of-potentially-serious-attack/ 11 comments
- The year-long rash of supply chain attacks against open source is getting worse | Ars Technica https://arstechnica.com/information-technology/2019/08/the-year-long-rash-of-supply-chain-attacks-against-open-source-is-getting-worse/ 5 comments
- GitHub - dashingsoft/pyarmor: A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts. https://github.com/dashingsoft/pyarmor 0 comments
- http://pepy.tech/ 0 comments
Would you like to stay up to date with Python? Checkout Python
Weekly.
Related searches:
Search whole site: site:arstechnica.com
Search title: Software downloaded 30,000 times from PyPI ransacked developers’ machines | Ars Technica
See how to search.