WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
InfoWorld

PDM: A smarter way to manage Python packages

Modern Python developers use virtual environments (venvs), to keep their projects and dependencies separate. Managing project dependencies gets more complex as the number of dependencies grows.
Bleeping Computer

PyPi python packages caught sending stolen AWS keys to unsecured sites

Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by ...
TechRadar

Malicious Python packages are stealing vital data, and have been downloaded thousands of times already

Researchers found three malicious PyPI packages, two targeting bitcoin developers, and one WooCommerce stores Two are designed to steal data, and the third to test for valid credit cards All three ...
InfoWorld

Python virtualenv and venv dos and don’ts

Python virtual environments shine for keeping projects and conflicting packages separate. Just keep these dos and don’ts in mind. One of Python’s biggest draws is its expansive ecosystem of ...
The Next Web

How to get the most out of Python classes

There should only be one — and preferably only one — obvious way to do it”, says the Zen of Python. Yet there are areas where even seasoned programmers debate what the right or wrong way to do things ...