Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Provides She Lost That Lovin’ Feeling?

    April 1, 2023

    The Risks and Controversies Surrounding Soap2day

    April 1, 2023

    ColombianCupid Review – What Do We Realize About It?

    April 1, 2023
    Facebook Twitter Instagram
    Facebook Twitter Instagram
    NorstratNorstrat
    Subscribe
    • Home
    • Tech News
    • Business
    • Automobile
    • Fashion
    • Norstrat Special
    • Contact Us
    NorstratNorstrat
    Home»Tech News»How Spam Flooded the Official Python Software Package Repository PyPI
    Tech News

    How Spam Flooded the Official Python Software Package Repository PyPI

    uzairBy uzairFebruary 20, 2023No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    How Spam Flooded the Official Python Software Package Repository PyPI
    Share
    Facebook Twitter LinkedIn Pinterest Email
    “The official Python software package repository, PyPI, is getting flooded with spam packages…” Bleeping Computer reported Thursday. “Each of these packages is posted by a unique pseudonymous maintainer account, making it challenging for PyPI to remove the packages and spam accounts all at once…”PyPI is being flooded with spam packages named after popular movies in a style commonly associated with torrent or “warez” sites that provide pirated downloads: watch-(movie-name)-2021-full-online-movie-free-hd-… Although some of these packages are a few weeks old, BleepingComputer observed that spammers are continuing to add newer packages to PyPI… The web page for these bogus packages contain spam keywords and links to movie streaming sites, albeit of questionable legitimacy and legality… February of this year, PyPI had been flooded with bogus “Discord”, “Google”, and “Roblox” keygens in a massive spam attack, as reported by ZDNet. At the time, Ewa Jodlowska, Executive Director of the Python Software Foundation had told ZDNet that the PyPI admins were working on addressing the spam attack, however, by the nature of pypi.org, anyone could publish to the repository, and such occurrences were common. Other than containing spam keywords and links to quasi-video streaming sites, these packages contain files with functional code and author information lifted from legitimate PyPI packages… As previously reported by BleepingComputer, malicious actors have combined code from legitimate packages with otherwise bogus or malicious packages to mask their footsteps, and make the detection of these packages a tad more challenging… In recent months, the attacks on open-source ecosystems like npm, RubyGems, and PyPI have escalated. Threat actors have been caught flooding software repositories with malware, malicious dependency confusion copycats, or simply vigilante packages to spread their message. As such, securing these repositories has turned into a whack-a-mole race between threat actors and repository maintainers.Read more of this story at Slashdot.
    Click here to read full news..
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Avatar
    uzair

    Related Posts

    Maximizing Revenue with Android Mobile App Development: Strategies for Monetization and User Acquisition

    March 14, 2023

    Green Texts In IMessages Nudges Teens To Use IPhones

    February 20, 2023

    Microsoft Names Info-Stealers That Target Crypto Wallets ‘Cryware

    February 20, 2023

    Leave A Reply Cancel Reply

    Don't Miss

    Provides She Lost That Lovin’ Feeling?

    Norstrat Special April 1, 2023

    We’ve all been there. You had been engaged in a connection which started off fantastic.…

    The Risks and Controversies Surrounding Soap2day

    April 1, 2023

    ColombianCupid Review – What Do We Realize About It?

    April 1, 2023

    You Regret Sending that Text – So What Now?

    March 31, 2023
    About Us
    About Us

    Norstrat is a corporation located in Canada that works to assist individuals in the process of growing their businesses in an automated manner.

    Our Picks

    Provides She Lost That Lovin’ Feeling?

    April 1, 2023

    The Risks and Controversies Surrounding Soap2day

    April 1, 2023

    ColombianCupid Review – What Do We Realize About It?

    April 1, 2023
    Navigate Quickly
    • Norstrat Special
    • Tech News
    • Business
    • Fashion
    • Contact Us
    Facebook Twitter Instagram Pinterest
    © Norstrat 2023 All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.