WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
Bleeping Computer

Ten Malicious Libraries Found on PyPI - Python Package Index

The Slovak National Security Office (NBU) has identified ten malicious Python libraries uploaded on PyPI — Python Package Index — the official third-party software repository for the Python ...
InfoWorld

Faker NPM package back on track after malicious coding incident

A new group of maintainers is proceeding with an ‘official’ version of the Faker JavaScript library after the previous maintainer went rogue. In the wake of a recent incident that wreaked havoc on the ...