Bleeping Computer

Python info-stealing malware uses Unicode to evade detection

A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...
CoinTelegraph

Crypto-stealing malware discovered in Python Package Index — Checkmarx

According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow ...
Infosecurity-magazine.com

Python Malware Poses DDoS Threat Via Docker API Misconfiguration

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...
Analytics India Magazine

Python Foundation Gets $1.5 Mn Investment From Anthropic

Anthropic is planning to invest $1.5 million in the Python Software Foundation (PSF) to support security in the Python ...
Forbes

Importance And Limitations Of Sandboxing In Malware Analysis

Sandboxing is a security technique that is used to restrict the interaction of a program with the operating system simply because the program is untested or the program contains some malicious codes.