News

Malicious PyPI packages abuse Gmail, websockets to hijack systems
Seven malicious PyPi packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command ...
Opinion
Database Trends and Applications1dOpinion
Socket Acquires Coana to Bolster Application Security Teams
Socket, a leader in software supply chain security, is acquiring Coana, a top-tier static analysis and reachability engine built by leading security researchers from Aarhus University-boosting ...
GitHub10d
An ASGI web server, for Python.
Uvicorn is an ASGI web server implementation for Python. Until recently Python has lacked a minimal low-level server/application interface for async frameworks. The ASGI specification fills this gap, ...
GitHub20d
RSocket-py
API documentation is at readthedocs.io. Examples can be found in the /examples folder. It contains various server and client usages. The following is a table denoting which client example is ...
The Hacker News28d
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI ... and all subsequent versions carried the same embedded attack logic," the Socket Research Team said.
The Hacker News28d
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
"These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation in the threat actors' obfuscation techniques," Socket ...