News/Tech News

Security threats are hidden in Python libraries

Published on Aug 20, 2022

Researchers claim threat actors are using typosquatting to attack Python developers.

Researchers from analysed PyPI, a software repository for Python programmers, and found ten malicious packages. Developers were duped into downloading and adopting the tainted ones by giving them identical names to termination boxes.

Typosquatting is a common attack among cyber criminals. It’s used not just on code repositories (though we’ve seen numerous instances on GitHub, for instance, in the past) but also in phishing emails and fake websites.

By adopting these packages, victims are giving threat actors keys to their kingdoms since the malware supports the theft of private data and developer credentials. Afterward, the attackers would send the data to a third party without the victims knowing. According to Spectralops, PyPi has more than 600,000 active users, indicating a large threat landscape.

“These attacks rely on Python installation and can include arbitrary code snippets, which can be used by malicious players to put their malicious code,” Ori Abramovsky, Data Science Lead for, explained. “We discovered it using machine learning models which analyse the code of these packages and auto alert on the malicious ones.”

Tech News


Version 2206 of Microsoft 365 was pulled due to app crashes

The Microsoft 365 version 2206 update has been pulled after users reported that their Office applications crash when they view contact cards or hover over a user’s name or photo…

Python 3.11, An Upgrade

Welcome Python 3.11, An Upgrade To Control Decades-Long Speed

Compared to Python 3.10, Python 3.11 is 10-60% faster. Using the standard benchmark suite, developers measured an average speedup of 1.25x…

Our Latest Blog

Unlock Your Potential with a Level 5 Diploma in Business London's Top Courses img

Unlock Your Potential with a Level 5 Diploma in Business: London’s Top Courses

Are you looking to enhance your knowledge and skills in the field of business? Do...
Read More
Unlock Your Potential with Level 4 Diploma in Business Courses in London img

Unlock Your Potential with Level 4 Diploma in Business Courses in London

Are you looking for a comprehensive course to take your business career to the next...
Read More

Follow Us


Browse LSET presentations to understand interesting…

Explore Now

Get complete guides to empower yourself academically…

Explore Now

Learn about information technology and business…

Explore Now