Bleeping Computer

241 npm and PyPI packages caught dropping Linux cryptominers

More than 200 malicious packages have been discovered infiltrating the PyPI and npm open source registries this week. These packages are largely typosquats of widely used libraries and each one of ...
Dark Reading

Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware

One of North Korea's most sophisticated threat groups has been hiding remote access malware for macOS and Linux inside of open source Python packages. North Korean advanced persistent threats (APTs) ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and multi-OS compromise.
Network World

Commands to find Linux-package updates

Credit: Ian Noble; Modified by IDG Comm. Did you know that you can ask your Linux system to tell you what upgrades are available for the packages installed on it? You might be surprised by how many ...
Computing

Malicious Python packages found exfiltrating user data to Telegram bot

Researchers at security vendor Checkmarx have uncovered an operation, apparently based in Iraq, that uses malware hosted on the Python repository PyPI to search for files on the victim's device and ...
Linux Journal

Doing Astronomy with Python

One of the things that makes Python so powerful is that you can find a module for almost anything. In this article, I cover Astropy, which was originally developed by the Space Telescope Science ...