WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
InfoWorld

Faker NPM package back on track after malicious coding incident

A new group of maintainers is proceeding with an ‘official’ version of the Faker JavaScript library after the previous maintainer went rogue. In the wake of a recent incident that wreaked havoc on the ...