#pypi

[ follow ]
fromArs Technica
20 hours ago

Supply-chain attacks on open source software are getting out of hand

Malicious packages published on npm and PyPI had been downloaded more than 56,000 times, containing malware that enabled keylogging and other surveillance functionalities.
Privacy technologies
#python
fromThe Hacker News
2 months ago

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

"True to its name, checker-SaGaF checks if an email is associated with a TikTok account and an Instagram account," Socket researcher Olivia Brown said in an analysis published last week.
Growth hacking
[ Load more ]