Multiple open source software packages on the Python Package Index (PyPI) repository were found to be malicious, likely compromising thousands of devices, experts have warned.

Enterprises that already subscribe to Teradata VantageCloud Lake will be able to download Python and R packages from the Anaconda Repository at no additional cost.

Hackers are once again targeting Python developers involved in the blockchain industry in an attempt to distribute malware and steal tokens. A new report from cybersecurity researchers at ...

A new report out today from Fortinet Inc.’s FortiGuard Labs is warning of two newly discovered malicious Python packages that pose a high risk of credential theft, data exfiltration and ...

Cybersecurity researchers at ReversingLabs found two malicious packages, “bitcoinlibdbfix” and “bitcoinlib-dev”, which cumulatively have around 2,000 downloads.

Malicious Python packages found exfiltrating user data to Telegram bot Appears to be part of a wider operation by crime gang based in Iraq, say Checkmarx researchers ...

The malicious package downloads an image from the Web, then uses a steganography module to extract and execute the code to download malware.

Researchers at software supply chain management firm Sonatype have identified many malicious Python packages with ransomware scripts. In a blog post detailing their findings, Sonatype researcher ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17 ...

Written in Rust, the PyApp utility wraps up Python programs into self-contained click-to-run executables. It might be the ...