Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...
CSOonline

Fake recruitment campaign targets developers using trojanized Python packages

The number of attacks looking to compromise developer machines has exploded in recent years. There has been a barrage of malicious packages uploaded to public registries such as PyPi and npm, ...
CSOonline

Python GitHub token leak shows binary files can burn developers too

Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub. A personal ...
it-daily.net

Critical security vulnerability on Docker Hub

A Vulnerability on Docker Hub allowed admin access to the Python Package Index (PyPI) and the injection of malicious code. The JFrog Security Research Team recently identified and mitigated a critical ...
InfoWorld

What is Cython? Python at the speed of C

A superset of Python that compiles to C, Cython combines the ease of Python with the speed of native code. Here's a quick guide to making the most of Cython in your Python programs. Python has a ...
InfoWorld

Microsoft’s Pyjion compiler for Python reaches 1.0

Pyjion, a just-in-time (JIT) compilation system for Python that compiles to the .NET 6 runtime, is now available in a 1.0 version. Pronounced “pigeon,” and developed by Python Software Foundation ...