A widely used open-source Python library was compromised on the Python Package Index (PyPI). Versions 1.82.7 and 1.82.8 of the…
A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through…
Python ranks among the most popular languages in cybersecurity for building penetration testing tools, powering everything from vulnerability scanners to…
A sophisticated software supply chain attack leveraging Python Package Index (PyPI) repositories to deploy malware using Google's SMTP infrastructure as…
A critical vulnerability in the widely used python-json-logger library has been identified, potentially allowing attackers to execute arbitrary code on affected…
Python has officially standardized a lock file format with the acceptance of PEP 751, marking a significant milestone for the…
Security researchers have uncovered a sophisticated malware campaign targeting users of the Python Package Index (PyPI), Python's official third-party software…
A recently disclosed vulnerability in the widely used Python JSON Logger library has exposed an estimated 43 million installations to…
A critical remote code execution (RCE) vulnerability (CVE-2025-27364) has been identified in all versions of MITRE Caldera prior to commit…
Two malicious Python Package Index (PyPI) packages, Zebo-0.1.0 and Cometlogger-0.1, have been identified, posing a significant threat to user security. These packages,…