Cyber Security
Prototype pollution is a dangerous bug class associated with prototype-based languages, the most popular among them JavaScript. One researcher, however, has found a variant of...
Hi, what are you looking for?
Prototype pollution is a dangerous bug class associated with prototype-based languages, the most popular among them JavaScript. One researcher, however, has found a variant of...
An estimated 350,000 open source repositories are affected by a 15-year old path traversal vulnerability in Python’s tarfile module, according to security researchers. Having “stumbled across”...
On Friday, the Python Package Index (PyPI), the official repository of third-party open-source Python projects announced plans to mandate two-factor authentication requirement for maintainers of...
PyPI packages ‘keep,’ ‘pyanxdns,’ ‘api-res-py’ were found to be containing a backdoor due to the presence of malicious ‘request’ dependency within some versions. For example, while most versions...
The Python Package Index (PyPI) has removed malware-deploying and data-stealing packages that were collectively downloaded thousands of times. The trio of malicious packages duped...
The Python standard library ipaddress also suffers from the critical IP address validation vulnerability identical to the flaw that was reported in the “netmask” library earlier this year....
Recent Comments