Python

3 minute read

Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years

The malicious Python package “Fabrice” on PyPI mimics the “Fabric” library to steal AWS credentials, affecting thousands. Learn how…

byWaqas

November 7, 2024

2 minute read

New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys

Checkmarx researchers discovered PyPI malware posing as crypto wallet tools. These malicious packages stole private keys and recovery…

byWaqas

October 1, 2024

3 minute read

New Supply Chain Attack “Revival Hijack” Risks Massive PyPI Takeovers

JFrog's cybersecurity researchers have identified a new PyPI attack technique called "Revival Hijack," which exploits package deletion policies. Over 22,000 packages are at risk, potentially impacting thousands of users. Stay informed!

byWaqas

September 5, 2024

2 minute read

PythonAnywhere Cloud Platform Abused for Hosting Ransomware

Razr ransomware is exploiting PythonAnywhere to distribute and encrypt files with AES-256. ANY.RUN’s analysis reveals its behaviour, C2…

byUzair Amir

August 27, 2024

NTLM Credential Theft Risk in Python Apps Threaten Windows Security

2 minute read

Security

NTLM Credential Theft Risk in Python Apps Threaten Windows Security

New research reveals critical vulnerabilities in Python applications for Windows including Snowflake, Gradio, Jupyter, and Streamlit that could…

byDeeba Ahmed

August 26, 2024

2 minute read

Iraqi Hackers Exploit PyPI to Infiltrate Systems Through Python Packages

Python packages are being used to steal data from developers and companies. Learn about the extensive cybercriminal operation…

byDeeba Ahmed

July 16, 2024

Outdated Wallets Threatening Billions in Crypto Assets

2 minute read

Malicious Node on ComfyUI Steals Data from Crypto, Browser Users

Cryptocurrency users beware: A malicious ComfyUI node steals sensitive data like passwords, crypto wallet addresses, etc. Stay safe…

byDeeba Ahmed

June 10, 2024

AI Python Package Flaw 'Llama Drama' Threatens Software Supply Chain

2 minute read

Security

AI Python Package Flaw ‘Llama Drama’ Threatens Software Supply Chain

The Llama Drama vulnerability in the Llama-cpp-Python package exposes AI models to remote code execution (RCE) attacks, enabling attackers to steal data. Currently, over 6,000 models are affected by this vulnerability.

byWaqas

May 20, 2024

A Checklist for What Every Online Coding Class for Kids Needs

2 minute read

Technology

A Checklist for What Every Online Coding Class for Kids Needs

Is your coding class engaging and effective? Learn what makes the best online coding classes for kids fun, effective, and future-proof!

byUzair Amir

May 4, 2024

Hugging Face Platform Vulnerable to AI Supply Chain Attacks

3 minute read

Vulnerabilities Exposed Hugging Face to AI Supply Chain Attacks

Wiz.io, known for its cloud security expertise, and Hugging Face, a leader in open-source AI tools, are combining their knowledge to develop solutions that address these security concerns. This collaboration signifies a growing focus on securing the foundation of AI advancements.

byDeeba Ahmed

April 5, 2024

The Latest

Google’s Gemini AI Chatbot Keeps Telling Users to Die

Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk

8.8 Rated PostgreSQL Vulnerability Puts Databases at Risk

Microsoft Power Pages Misconfigurations Expose Millions of Records Globally

Python

Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years

New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys

New Supply Chain Attack “Revival Hijack” Risks Massive PyPI Takeovers

PythonAnywhere Cloud Platform Abused for Hosting Ransomware

NTLM Credential Theft Risk in Python Apps Threaten Windows Security

Iraqi Hackers Exploit PyPI to Infiltrate Systems Through Python Packages

Malicious Node on ComfyUI Steals Data from Crypto, Browser Users

AI Python Package Flaw ‘Llama Drama’ Threatens Software Supply Chain

A Checklist for What Every Online Coding Class for Kids Needs

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

INE Launches Initiative to Optimize Year-End Training Budgets with Enhanced Cybersecurity and Networking Programs

INE Security Launches New Training Solutions to Enhance Cyber Hygiene for SMBs

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks