News

InfoWorld

3 takeaways from the Ultralytics AI Python library hack

When attackers compromised Ultralytics YOLO, a popular real-time object detection machine-learning package for Python, most assumed the Python Package Index, or PyPI, must be the point of failure.
Bleeping Computer

Fake password manager coding test used to hack Python developers

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. The attacks are part ...
Hosted on MSN

North Korean hackers target Python devs with malware disguised as coding tests — hack has been underway for a year

Few things are more strenuous than finding new employment— but even worse is when a potential new employer turns out to be fake and is instead using an apparent job opportunity as a way to infect you ...
TechRepublic

350,000 open source projects at risk from Python vulnerability

Cybersecurity company Trellix announced Wednesday that a known Python vulnerability puts 350,000 open-source projects and the applications that use them at risk of device take over or malicious code ...
Bleeping Computer

Hackers target Python devs in phishing attacks using fake PyPI site

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...
CoinDesk

North Korean Hackers Are Targeting Top Crypto Firms With Malware Hidden in Job Applications

A North Korean hacking group is targeting crypto workers with a Python-based malware disguised as part of a fake job application process, researchers at Cisco Talos said earlier this week. Most ...