TECH

Python libraries are being attacked for AWS keys

When a GitHub repository that hasn’t been touched for almost a decade suddenly gets an “update”, users should be wary, as it might just be a hostile takeover with the intention of distributing viruses (opens in new tab)

That’s exactly what happened to the PyPI module “ctx”, which apparently has millions of downloads. Earlier this month, following a software supply chain attack, someone replaced the safe “ctx” code with an updated version that steals developer environment variables and collects secrets such as Amazon AWS keys and credentials.

Follow On Google News

Share this news on your Fb,Twitter and Whatsapp

File source

Times News Express – Breaking News Updates – Latest News Headlines
Times News Express||USA NEWS||WORLD NEWS||CELEBRITY NEWS||POLITICS||TOP STORIES

Show More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button
Close