Bleeping Computer

Python May Let Security Tools See What Operations the Runtime Is Performing

A new feature proposal for the Python programming language wants to add "transparency" to the runtime and let security and auditing tools view when Python may be running potentially dangerous ...
The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

The disclosure comes as HelixGuard discovered a malicious package in PyPI named "spellcheckers" that claims to be a tool for ...
Infosecurity-magazine.com

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...
Dark Reading

Slow Retreat from Python 2 Threatens Code Security

At least one in 10 Python developers and data scientists continue to use the legacy version of the popular programming language as their primary development tool, despite a looming deadline of Jan. 1, ...
The Hacker News

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

Malicious CGTrader .blend files abuse Blender Auto Run to install StealC V2, raiding browsers, plugins, and crypto wallets.
ZDNet

Python programming: PyPl is rolling out 2FA for critical projects, giving away 4,000 security keys

PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python programming ...