News

Stealing SSH and GPG keys. According to Martini, the malicious code was present only in the jeIlyfish library. The python3-dateutil package didn't contain malicious code of its own, but it did ...
Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a Heroku app, likely to mine AWS credentials.
This package, too, mimicked the name of a popular Python library, named "colorama." According to the PyPI Stats service, 54 users had downloaded the package a month before it was taken down.
Pair of Python repositories have been ... Python libraries are being attacked for AWS keys. ... is an open-source password hashing framework, released in 2005, and downloaded more than two ...
The Causal Models library, a Python and R framework, which uses PyArrow and RPy2, and allows scientists to contribute new models for causal inference. Meanwhile Netflix’s visualizations library ...