Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...
GitHub

requirements_compiled_ray_py311.txt

# pip-compile --constraint=python/requirements_compiled_ray_test_py311.txt --generate-hashes --output-file=python/requirements_compiled_ray_py311.txt --strip-extras ...
GitHub

detect if python dependency can be resolved via non-compiled file

Currently, the dependency chain of python stuff is created before cython invocations. This currently leads to the problem that if some python file depends on another python file that will be compiled, ...
Security Boulevard

Fake recruiter coding tests target devs with malicious Python packages

ReversingLabs researchers have identified new, malicious software packages believe to be linked to a campaign, VMConnect, that our team first identified in August 2023 and which has ties to the North ...