News

Infosecurity-magazine.com28d
Malicious Machine Learning Model Attack Discovered on PyPI
ReversingLabs said threat actors are using the Pickle file format to conceal malware inside seemingly legitimate AI-related software packages. In this recent incident, attackers published three ...
TechRadar29d
NPM users warned dozens of malicious packages aim to steal host and network data - TechRadar
Cybersecurity researchers Socket have warned of multiple malicious packages hosted on NPM, stealing sensitive user data and relaying it to the attackers. In a blog post, Socket said it identified ...
The Hacker News20d
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain ... the malicious package delivers an infostealer payload hidden inside a PyTorch model ...
GitHub13d
Python package of Discrete Time-Event Simulator (DES) for engineering project. It aims to be the fundamental high-level building block for doing practical, real world ... - GitHub
pDESy is a Python package of Discrete Time-Event Simulator (DES). It aims to be the fundamental high-level building block for doing practical, real world engineering project management by using DES ...
GitHub18d
GitHub - package-url/packageurl-python: Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase ...
packageurl.contrib.purl2url.get_repo_url(purl) returns a repository URL inferred from a Package URL. packageurl.contrib.purl2url.get_download_url(purl) returns a download URL inferred from a Package ...