The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
SecurityWeek

PyPI Warns Users of Fresh Phishing Campaign

Threat actors impersonating PyPI ask users to verify their email for security purposes, directing them to fake websites. The Python Package Index (PyPI), the default platform for Python’s package ...
Bleeping Computer

PyPI urges users to reset credentials after new phishing attacks

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...
International Monetary Fund

A Python Package to Assist Macroframework Forecasting: Concepts and Examples

In forecasting economic time series, statistical models often need to be complemented with a process to impose various constraints in a smooth manner. Systematically imposing constraints and retaining ...
C&EN

DynamiSpectra: A Python Software Package and Web Platform for Molecular Dynamics Data Analysis in Computational Biology

Keizo Asami Institute, iLIKA, Federal University of Pernambuco, Recife, Pernambuco 50670-901, Brazil Graduate Program in Biology Applied to Health, PPGBAS, Federal University of Pernambuco, Recife, ...
InfoWorld

Python popularity boosted by AI coding assistants – Tiobe

Python maintains its runaway top ranking in the Tiobe index of programming language popularity, while older languages continue to rise. Perl surprises. Python, the highest-ranking language ever in the ...
Bleeping Computer

Hackers target Python devs in phishing attacks using fake PyPI site

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...
International Monetary Fund

World Economic Outlook Database

The World Economic Outlook (WEO) database contains selected macroeconomic data series from the statistical appendix of the World Economic Outlook report, which presents the IMF staff's analysis and ...
GitHub

ontherivt/req-update-check

A Python tool to check your requirements.txt file for package updates, with optional file caching for better performance. File caching enabled The following packages ...
InfoWorld

3 takeaways from the Ultralytics AI Python library hack

When attackers compromised Ultralytics YOLO, a popular real-time object detection machine-learning package for Python, most assumed the Python Package Index, or PyPI, must be the point of failure.
The Hacker News

PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot

The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. By ...