ZDNet

Twelve malicious Python libraries found and removed from PyPI

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages have been discovered in two separate ...
TWCN Tech News

How to uninstall Python PIP package and dependencies

Do you want to uninstall the Python PIP package you installed sometime back but don’t know how? Sometimes, you may want to remove a package and its dependencies, because you no longer need it or ...
Infosecurity-magazine.com

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...
Bleeping Computer

10 malicious PyPI packages found stealing developer's credentials

Threat analysts have discovered ten malicious Python packages on the PyPI repository, used to infect developer's systems with password-stealing malware. The fake packages used typosquatting to ...
Bleeping Computer

New Python tool checks NPM packages for manifest confusion issues

A security researcher and system administrator has developed a tool that can help users check for manifest mismatches in packages from the NPM JavaScript software registry. Last week, a former ...
InfoWorld

Software bill-of-materials docs eyed for Python packages

Python enhancement proposal would incorporate SBOM documents in Python packages as a way to improve dependency tracking and vulnerability analysis. Software bill-of-materials (SBOM) documents would be ...