近日，安全公司Socket对外发布警报，揭露了一款名为“Fabrice”的恶意Python命令行工具，其仿冒了知名的SSH自动化工具“Fabric”。这款名为Fabrice的工具，不仅在名字上与正品仅有一字之差，其实质却是一个潜伏在用户设备中的木马病毒。开发者Jeff Forcier维护的Fabric工具已经存在10余年，下载量超过2亿次，而这一假冒工具则自2021年起悄然入侵市场，下载量也达到3 ...

IT之家获悉，目前 Socket 已通知 Python Package Index（PyPI）下架了“Fabrice”，该安全公司同时警告有部署相关库工具的开发者应检查是否下载错误成了“李鬼”山寨版本，避免被黑客趁虚而入。

TIOBE Index for November 2024: Top 10 Most Popular Programming Languages Your email has been sent Python’s popularity in the index shows no sign of slowing. Go rises to its highest position ever ...

整理 | 苏宓出品 | CSDN（ID：CSDNnews）11 月 TIOBE 编程语言榜单已发布，一起来看看本月有什么开发者值得注意的新变化吧！Python 稳居第一，Go 语言继续攀升！近段时间以来，Python ...

11月25日，国际知名安全公司卡巴斯基发布通报，揭露了在Python Package Index（PyPI）平台上发现的两个伪装成AI辅助工具的恶意软件包。这些工具分别名为“gptplus”和“claudeai-eng”，声称能够访问OpenAI的GPT-4Turbo模型和Anthropic的ClaudeAI API，但实际上却是潜藏在背后的木马勒索软件。

A malicious PyPI package “aiocpa,” that stole crypto wallet data via obfuscated code, has been removed after being reported ...

Researchers at the Checkmarx cybersecurity firm sounded the alarm on a dangerous form of malware uploaded to the Python ...

Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index (PyPI) ...

A malicious Python package has been hiding in the Python Package Index (PyPI) for years, stealthily stealing people’s Amazon ...

Signs of malicious activity were first spotted in version 0.1.13 of the library, which included a change to the Python script ...