Hacker News
- Devs unknowingly use “malicious” modules snuck into official Python repository https://arstechnica.com/information-technology/2017/09/devs-unknowingly-use-malicious-modules-put-into-official-python-repository/ 110 comments
- Has Perl CPAN ever been compromised in this manner? -> “malicious” modules snuck into official Python repository https://arstechnica.com/information-technology/2017/09/devs-unknowingly-use-malicious-modules-put-into-official-python-repository/ 3 comments perl
- Devs unknowingly use “malicious” modules put into official Python repository https://arstechnica.com/information-technology/2017/09/devs-unknowingly-use-malicious-modules-put-into-official-python-repository/ 53 comments programming
Linking pages
- Malware downloaded from PyPI 41,000 times was surprisingly stealthy | Ars Technica https://arstechnica.com/information-technology/2021/11/malware-downloaded-from-pypi-41000-times-was-surprisingly-stealthy/ 90 comments
- Software downloaded 30,000 times from PyPI ransacked developers’ machines | Ars Technica https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ 46 comments
- ISPs can keep sharing your browsing history after California no-vote | Ars Technica https://arstechnica.com/tech-policy/2017/09/isps-can-keep-sharing-your-browsing-history-after-california-no-vote/ 29 comments
- Linux Attack Surface Analysis - Anvil Secure https://anvilventures.com/blog/linux-attack-surface-analysis.html 14 comments
- New type of supply-chain attack hit Apple, Microsoft and 33 other companies | Ars Technica https://arstechnica.com/information-technology/2021/02/supply-chain-attack-that-fooled-apple-and-microsoft-is-attracting-copycats/ 14 comments
- Ahoy, there’s malice in your repos—PyPI is the latest to be abused | Ars Technica https://arstechnica.com/gadgets/2021/06/counterfeit-pypi-packages-with-5000-downloads-installed-cryptominers/ 13 comments
- 10 malicious Python packages exposed in latest repository attack | Ars Technica https://arstechnica.com/information-technology/2022/08/10-malicious-python-packages-exposed-in-latest-repository-attack/ 3 comments
- CCleaner Malware Shows Software's Serious Supply-Chain Security Problem | WIRED https://www.wired.com/story/ccleaner-malware-supply-chain-software-security/ 3 comments
- Highly invasive backdoor snuck into open source packages targets developers | Ars Technica https://arstechnica.com/security/2023/11/developers-targeted-with-malware-that-monitors-their-every-move/ 2 comments
- Two new supply-chain attacks come to light in less than a week | Ars Technica https://arstechnica.com/information-technology/2018/10/two-new-supply-chain-attacks-come-to-light-in-less-than-a-week/ 0 comments
- Timeline of Package Dependency Compromises 2011-2017 | Haukes Blog https://www.haukeluebbers.de/blog/2020-01-timeline-of-package-dependency-compromises/ 0 comments
Linked pages
- skcsirt-sa-20170909-pypi -NBU http://www.nbu.gov.sk/skcsirt-sa-20170909-pypi/ 506 comments
- Redirecting… https://theupdateframework.github.io/ 33 comments
- ISPs can keep sharing your browsing history after California no-vote | Ars Technica https://arstechnica.com/tech-policy/2017/09/isps-can-keep-sharing-your-browsing-history-after-california-no-vote/ 29 comments
- PyPI · The Python Package Index https://pypi.python.org 6 comments
- Pyto Squatting https://www.pytosquatting.org/ 0 comments
Would you like to stay up to date with Python? Checkout Python
Weekly.
Related searches:
Search whole site: site:arstechnica.com
Search title: Devs unknowingly use “malicious” modules snuck into official Python repository | Ars Technica
See how to search.