来自MSN12 个月
PyPI stops signing up new users to try and block malware campaign
especially with multiple PyPI administrators on leave.” It took the company the entire weekend to lift the suspension. Via BleepingComputer ...
Bleeping Computer20 天
Ethereum private key stealer on PyPI downloaded over 1,000 times
A malicious Python Package Index (PyPI) package named "set-utils" has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the Polygon ...
Bleeping Computer28 天
PyPi package with 100K installs pirated music from Deezer for years
A malicious PyPi package named 'automslc' has been downloaded ... and podcasts. It is offered via an ad-supported free tier or paid subscriptions that support higher audio quality and offline ...