Dark Reading

Attackers Abuse Python, Cloudflare to Deliver AsyncRAT

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...
Infosecurity-magazine.com

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...
Bleeping Computer

Python May Let Security Tools See What Operations the Runtime Is Performing

A new feature proposal for the Python programming language wants to add "transparency" to the runtime and let security and auditing tools view when Python may be running potentially dangerous ...
ZDNet

Python programming language hurries out update to tackle remote code vulnerability

The Python Software Foundation (PSF) has rushed out Python 3.9.2 and 3.8.8 to address two notable security flaws, including one that is remotely exploitable but in practical terms can only be used to ...
Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...
CSOonline

Python administrator moves to improve software security

The administrators of the Python Package Index (PyPI) have begun an effort to improve the hundreds of thousands of software packages that are listed. The attempt, which began earlier last year, is to ...
TechRadar

Python update patches several major security flaws

The Python programming language has been forced to scurry to put out a new release of the popular programming language to address several security issues. While the fix for the security flaws had ...