The PyPI GUI Package Manager is a simple and user-friendly graphical interface for managing Python packages from the Python Package Index (PyPI). It provides an intuitive way to search for packages, ...

Abstract: Open-source, community-driven package repositories see thousands of malware packages each year, but do not currently run automated malware detection systems. In this work, we explore the ...

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...

Abstract: Limited automated controls integrated into the Python Package Index (PyPI) package uploading process make PyPI an attractive target for attackers to trick developers into using malicious ...

A newly uncovered malicious package on the Python Package Index (PyPI) has raised fresh concerns about the security of open source software repositories. The package, named “dbgpkg,” was discovered by ...

I have been using Pip package manager to install and manage Python packages inside the isolated python virtual environments in my Debian Linux 11. After upgrading ...

ReversingLabs researchers have uncovered Python packages using DLL sideloading to bypass security tools. On 10 January 2024, Karlo Zanki, a reverse engineer at ReversingLabs, stumbled upon two ...

Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by ...