Security News

Hacker of Python, PHP libraries: no "malicious activity" was intended
2022-05-25 13:42

Yesterday, developers took notice of two hugely popular Python and PHP libraries, respectively, 'ctx' and 'PHPass' that had been hijacked, as first reported in the news by BleepingComputer. According to the hacker, rather "Security researcher," this was a bug bounty exercise and no malicious activity was intended.

Popular Python and PHP libraries hijacked to steal AWS keys
2022-05-24 11:42

The threat actor even replaced the older, safe versions of 'ctx' with code that exfiltrates the developer's environment variables, to collect secrets like Amazon AWS keys and credentials. Versions of a 'phpass' fork published to the PHP/Composer package repository Packagist had been altered to steal secrets in a similar fashion.

New PyScript project lets you run Python programs in the browser
2022-05-02 21:17

The new PyScript project lets you embed Python programs directly in HTML pages and execute them within the browser without any server-based requirements. "PyScript is a framework that allows users to create rich Python applications in the browser using a mix of Python with standard HTML." explains Anaconda in a recent blog post.

GitHub restores popular Python repo hit by bogus DMCA takedown
2022-04-21 14:26

Yesterday, following a DMCA complaint from HackerRank, GitHub took down a repository that hosts the official SymPy project documentation website. It turns out the DMCA complaint was filed by HackerRank's outsourced contractor, WorthIT Solutions, who regularly handles such takedown requests for HackerRank.

New Python-based Ransomware Targeting JupyterLab Web Notebooks
2022-04-01 01:09

Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser. "The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a given path on the server and deletes itself after execution to conceal the attack," Assaf Morag, a data analyst at Aqua Security, said in a report.

Improve Your Hacking Skills with 9 Python Courses for Just $39
2022-03-30 03:25

For anyone with interest in cybersecurity, learning Python is a must. The language is used extensively in white hat hacking, and professionals use Python scripts to automate tests.

Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI
2021-11-28 09:00

GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposedGoDaddy, the popular internet domain registrar and web hosting company, has suffered a data breach that affected over a million of their Managed WordPress customers. Malicious Python packages employ advanced detection evasion techniquesJFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times.

Malicious Python packages employ advanced detection evasion techniques
2021-11-22 12:17

JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times. This is not the first time that malicious packages have been successfully introduced into online package repositories and will surely not be the last.

11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells
2021-11-21 23:12

Cybersecurity researchers have uncovered as many as 11 malicious Python packages that have been cumulatively downloaded more than 41,000 times from the Python Package Index repository, and could be exploited to steal Discord access tokens, passwords, and even stage dependency confusion attacks. The Python packages have since been removed from the repository following responsible disclosure by DevOps firm JFrog -.

Code Execution Bug Affects Yamale Python Package — Used by Over 200 Projects
2021-10-07 04:50

A high-severity code injection vulnerability has been disclosed in 23andMe's Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw, tracked as CVE-2021-38305, involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution.