Malicious packages on PyPI, including 'nigpal' and 'figflix', have been found to contain WhiteSnake info-stealer malware targeting Windows and Linux systems. Developers are warned to protect their code and verify package sources to prevent the theft of passwords, browser data, wallets, and app logins. This comes after the discovery of the 'distube-config' npm package dropping Windows info-stealing malware. The cybersecurity community is also on alert as an elusive Chinese cyberspy group has been reported to hijack software updates to deliver malware.
Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware #cybersecurity https://t.co/cU6e91WQFI
Between the 2->3 incompatibilities and the package management disaster, Python is rapidly gaining on Nvidia's Linux drivers in the contest of which software can waste the most of my time.
Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines: https://t.co/xeRQjZrGOs by The Hacker News #infosec #cybersecurity #technology #news
Developers, beware! Malicious packages "nigpal" and "figflix" on PyPI contain WhiteSnake info-stealer. Targets Windows and #Linux systems to steal passwords, browser data, wallets, and app logins. Details: https://t.co/48ZLbiP8QE Protect your code and verify package sources.
Fake 'distube-config' npm package drops Windows info-stealing malware https://t.co/8Q3WaWEDL6 via @sonatype by @Ax_Sharma
Most apps need to be 5x simpler than you expect Most people canβt even figure out the difference between gpt3.5 and gpt4 via dropdown I had to learn this the hard way.. less options, less buttons and configurations
Same with python. Everything beame unnecessarily complex. https://t.co/eCoXMcMEB5