News

The Hacker News9d

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.
Hosted on MSN4mon

Malicious Python packages are stealing vital data, and have been ... - MSN

Furthermore, this package doesn’t even try to hide its true intentions, and instead is “openly malicious”. Despite being obvious malware, it still managed to rake in 37,217 downloads.
Bleeping Computer3y

241 npm and PyPI packages caught dropping Linux cryptominers

The Python packages contain the following piece of code that downloads the Bash script from the threat actor's server via Bit.ly URL shortener.
Infosecurity-magazine.com2y

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...
InfoWorld1y

Teradata taps Anaconda to add Python, R packages to ... - InfoWorld

Teradata is partnering with Anaconda to add packages of popular programming languages Python and R to its multi-cloud analytics platform offering, VantageCloud Lake. The partnership will see ...
Linux Journal18y

Extract and Parse ODF Files with Python | Linux Journal

If you need the latest versions, Python is available for free from www.python.org for both the Windows and Linux platforms. The OpenOffice.org package also is available for free from ...