Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...
it-daily.net

Critical security vulnerability on Docker Hub

A Vulnerability on Docker Hub allowed admin access to the Python Package Index (PyPI) and the injection of malicious code. The JFrog Security Research Team recently identified and mitigated a critical ...