Sonatype exposes malicious PyPI package ‘pytoileur’

Sonatype has exposed 'pytoileur', a malicious PyPI package designed to download and install trojanised Windows binaries capable of surveillance, commandeering persistence, and stealing cryptocurrency. This discovery is part of a broader, months-long "Cool package" campaign aimed at infiltrating the coding community.

Yesterday, an automated malware detection system operated by Sonatype, known as the Sonatype Repository Firewall, flagged a newly published PyPI package called...

Phylum uncovers targeted malware disguised in Python package

Phylum’s cybersecurity experts have detected a malicious payload embedded within a popular Python package on the PyPI repository. The package, named requests-darwin-lite, is an unauthorised variant of the widely-used requests library.

The requests-darwin-lite package was cleverly designed to emulate its legitimate counterpart but included a Go binary concealed within an oversized image file pretending to be a simple logo. This file – a PNG labelled as a sidebar image –...

GitHub updates Innovation Graph with latest developer trends

GitHub's Innovation Graph has been updated with data from Q4 2023, offering a comprehensive view of global developer activity over the past four years.

The latest findings highlight the increasing popularity of AI among developers, leading to a rise in project documentation. This trend is attributed to the widespread use of chat-based generative AI tools like GitHub Copilot Chat and ChatGPT.

"While we recognise that it's not a panacea, perhaps generative AI technologies...

JetBrains launches 2024.1 with local AI code completion

JetBrains has released the 2024.1 updates for its IDEs with several major new features, headlined by full-line code autocompletion powered by local AI models.

The new full-line code completion functionality ensures code suggestions are processed entirely on the user's device, minimising latency and providing a seamless offline experience.

“We’ve developed models that run directly on your device, and the IDE verifies each suggestion,” explained Mikhail Kostyukov,...

Python skills ‘increasingly essential’ to dev teams venturing into advanced AI

Python’s status as the primary language for AI and machine learning projects, from its extensive data-handling capabilities to its flexibility and portability, is well-founded. Just how well-founded can be seen in new user data from Snowflake.

The cloud data provider reported that, year on year, use of Python grew 571% in Snowpark, Snowflake’s set of libraries which securely deploy and process non-SQL code. In other words, it will not be a surprise to see Python, Scala and...

PyPI suspends registrations amid malware attack

The Python Package Index (PyPI) has suspended new project creation and user registration to mitigate an ongoing malware upload campaign. This move comes as security researchers at Checkmarx uncovered a campaign involving multiple malicious packages related to the same threat actors.

The attackers are targeting victims through typosquatting attacks, tricking users into installing malicious Python packages through their command-line interface. This multi-stage attack aims to steal...

GitHub’s code scanning autofix enters public beta

GitHub has announced that its code scanning autofix feature, powered by GitHub Copilot and CodeQL, is now available in public beta for all GitHub Advanced Security customers.

The autofix tool aims to remediate over two-thirds of vulnerabilities found during code scanning with minimal editing required by developers.

"Our vision for application security is an environment where found means fixed," said GitHub in a blog post. "By prioritising the developer experience in...

Python packages caught using DLL sideloading to bypass security

ReversingLabs researchers have uncovered Python packages using DLL sideloading to bypass security tools.

On 10 January 2024, Karlo Zanki, a reverse engineer at ReversingLabs, stumbled upon two suspicious packages on the Python Package Index (PyPI). These packages – named NP6HelperHttptest and NP6HelperHttper – were found to be utilising DLL sideloading, a known technique used by malicious actors to execute code discreetly and evade detection from security tools.

This...

Google adds iOS and Android simulators to Project IDX

Google has added iOS and Android simulators directly within its cloud-based developer workspace, Project IDX. 

The search giant launched Project IDX six months ago as an experimental tool to streamline full-stack, multiplatform app development. It consolidates the complex workflows traditionally associated with building mobile and web apps into a single, collaborative environment.

Pasquale D’Silva, developer of the AI-powered content creation app Tanaki built with...

Open source wins concessions in new EU cyber law

The European Cyber Resilience Act (CRA) has undergone substantial revisions, bringing relief to the open-source community.

Back in April, the Python Software Foundation (PSF) had expressed concerns about potential repercussions for CPython and PyPI if the initial form of CRA were to be enacted.

The primary worry was that, in the course of providing open-source software, the PSF and the Python community might assume legal responsibility for security issues in products...