#pythonpackages — Public Fediverse posts

Khám phá các gói Python tương tự bằng cách sử dụng độ tương tự Jaccard trên các依赖 chung #pypdepsim #Python #JaccardSimilarity #GóiPythonTươngTự #TìmKiếmGóiMới #CôngCụLậpTrình #PythonPackages #SimilarPackages #JaccardSimilarityAlgorithm

https://www.reddit.com/r/opensource/comments/1ommyyx/pypdepsim_discover_similar_python_packages_using/

PyOCI – Publish and install private Python packages using OCI/Docker registries

https://github.com/AllexVeldman/pyoci

#HackerNews #PyOCI #PythonPackages #OCI #DockerRegistry #OpenSource #SoftwareDevelopment

PyOCI – Publish and install private Python packages using OCI/Docker registries

https://github.com/AllexVeldman/pyoci

#HackerNews #PyOCI #PythonPackages #OCI #DockerRegistry #OpenSource #SoftwareDevelopment

PyOCI – Publish and install private Python packages using OCI/Docker registries

https://github.com/AllexVeldman/pyoci

#HackerNews #PyOCI #PythonPackages #OCI #DockerRegistry #OpenSource #SoftwareDevelopment

PyOCI – Publish and install private Python packages using OCI/Docker registries

https://github.com/AllexVeldman/pyoci

#HackerNews #PyOCI #PythonPackages #OCI #DockerRegistry #OpenSource #SoftwareDevelopment

PyOCI – Publish and install private Python packages using OCI/Docker registries

https://github.com/AllexVeldman/pyoci

#HackerNews #PyOCI #PythonPackages #OCI #DockerRegistry #OpenSource #SoftwareDevelopment

Yet another coder contraption to save you from yourself: introducing #Pipask, the pip you never asked for. 🙄 Now you can ⛑️ "safely" install Python packages with all the convenience of a root canal. Because nothing says efficiency like more menus and consent forms. 🎉
https://github.com/feynmanix/pipask #codercontraption #PythonPackages #softwaredevelopment #developerhumor #techsatire #HackerNews #ngated

Yet another coder contraption to save you from yourself: introducing #Pipask, the pip you never asked for. 🙄 Now you can ⛑️ "safely" install Python packages with all the convenience of a root canal. Because nothing says efficiency like more menus and consent forms. 🎉
https://github.com/feynmanix/pipask #codercontraption #PythonPackages #softwaredevelopment #developerhumor #techsatire #HackerNews #ngated

Yet another coder contraption to save you from yourself: introducing #Pipask, the pip you never asked for. 🙄 Now you can ⛑️ "safely" install Python packages with all the convenience of a root canal. Because nothing says efficiency like more menus and consent forms. 🎉
https://github.com/feynmanix/pipask #codercontraption #PythonPackages #softwaredevelopment #developerhumor #techsatire #HackerNews #ngated

Yet another coder contraption to save you from yourself: introducing #Pipask, the pip you never asked for. 🙄 Now you can ⛑️ "safely" install Python packages with all the convenience of a root canal. Because nothing says efficiency like more menus and consent forms. 🎉
https://github.com/feynmanix/pipask #codercontraption #PythonPackages #softwaredevelopment #developerhumor #techsatire #HackerNews #ngated

Key Points:
➡️ "pip show" command displays package metadata, including dependencies.
➡️ "pip freeze" lists all installed packages and their versions.
➡️ Check "requirements.txt" for project dependencies.
➡️ "pipdeptree" visualizes the dependency tree.
➡️ Use virtual environments to manage dependencies in isolation.

https://sqlpey.com/python/top-5-methods-to-list-package-dependencies-using-pip

#Python#Dependencies #Pip #Programming #PythonPackages #pipdeptree

Key Points:
➡️ "pip show" command displays package metadata, including dependencies.
➡️ "pip freeze" lists all installed packages and their versions.
➡️ Check "requirements.txt" for project dependencies.
➡️ "pipdeptree" visualizes the dependency tree.
➡️ Use virtual environments to manage dependencies in isolation.

https://sqlpey.com/python/top-5-methods-to-list-package-dependencies-using-pip

#Python#Dependencies #Pip #Programming #PythonPackages #pipdeptree

Key Points:
➡️ "pip show" command displays package metadata, including dependencies.
➡️ "pip freeze" lists all installed packages and their versions.
➡️ Check "requirements.txt" for project dependencies.
➡️ "pipdeptree" visualizes the dependency tree.
➡️ Use virtual environments to manage dependencies in isolation.

https://sqlpey.com/python/top-5-methods-to-list-package-dependencies-using-pip

#Python#Dependencies #Pip #Programming #PythonPackages #pipdeptree

Key Points:
➡️ "pip show" command displays package metadata, including dependencies.
➡️ "pip freeze" lists all installed packages and their versions.
➡️ Check "requirements.txt" for project dependencies.
➡️ "pipdeptree" visualizes the dependency tree.
➡️ Use virtual environments to manage dependencies in isolation.

https://sqlpey.com/python/top-5-methods-to-list-package-dependencies-using-pip

#Python#Dependencies #Pip #Programming #PythonPackages #pipdeptree

Key Points:
➡️ "pip show" command displays package metadata, including dependencies.
➡️ "pip freeze" lists all installed packages and their versions.
➡️ Check "requirements.txt" for project dependencies.
➡️ "pipdeptree" visualizes the dependency tree.
➡️ Use virtual environments to manage dependencies in isolation.

https://sqlpey.com/python/top-5-methods-to-list-package-dependencies-using-pip

#Python#Dependencies #Pip #Programming #PythonPackages #pipdeptree

New PondRAT Malware Hidden in Python Packages Targets Software Developers
https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html #Cybercrime #Malware #PondRAT #Python #PythonPackages

New PondRAT Malware Hidden in Python Packages Targets Software Developers
https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html #Cybercrime #Malware #PondRAT #Python #PythonPackages

New PondRAT Malware Hidden in Python Packages Targets Software Developers
https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html #Cybercrime #Malware #PondRAT #Python #PythonPackages

New PondRAT Malware Hidden in Python Packages Targets Software Developers
https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html #Cybercrime #Malware #PondRAT #Python #PythonPackages

New PondRAT Malware Hidden in Python Packages Targets Software Developers
https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html #Cybercrime #Malware #PondRAT #Python #PythonPackages

Python Packages Infected with New PondRAT Malware Targeting Software Developers
Are you a software developer who relies on Python packages for your projects? Well, buckle up because there's a new malware in town targeting Python packages, and it's called PondRAT. Palo Alto Networks Unit 42 recently...
#PythonPackages #PondRAT #MalwareAlert #SoftwareSecurity #CyberThreats #DeveloperSafety #MalwareProtection #CodeSecurity #TechNews #CyberAwareness #news #tech
https://cloudhosting.evostrix.eu/python-packages-infected-with-new-pondrat-malware-targeting-software-developers/

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html #Cybercrime #Malware #PythonPackages

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html #Cybercrime #Malware #PythonPackages

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html #Cybercrime #Malware #PythonPackages

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html #Cybercrime #Malware #PythonPackages

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html #Cybercrime #Malware #PythonPackages

Cybercriminals Abusing Stack Overflow to Distribute Malware

Date: May 30, 2024

CVE: Not specified

Vulnerability Type: Social Engineering, Malware Distribution

CWE: [[CWE-494]], [[CWE-434]], [[CWE-22]]

Sources: BleepingComputer

Synopsis

Cybercriminals are exploiting Stack Overflow to distribute malware by posing as helpful users and promoting malicious packages as solutions to programming queries.

Issue Summary

Cybercriminals are posing as users on Stack Overflow to answer questions with solutions that involve installing a malicious PyPi package named 'pytoileur'. This package, part of the "Cool package" campaign, targets Windows users by installing information-stealing malware.

Technical Key Findings

The malicious package 'pytoileur' includes a setup script that contains an obfuscated Base64 encoded command. This command, when decoded, downloads and executes a malware executable disguised as 'runtime.exe'. This malware is designed to steal sensitive information like cookies, passwords, browser history, and other data from web browsers.

Vulnerable Products

• Windows operating systems targeted via the PyPi package 'pytoileur'.

Impact Assessment

The malware can steal a wide range of personal and sensitive data, including login credentials, financial information, and personal documents. This data can be sold on dark web markets or used for further cyberattacks.

Patches or Workaround

Developers should always verify the authenticity of packages before installation and inspect the code for any obfuscated or unusual commands. No specific patches are provided, but vigilance in package verification is crucial.

Tags

#Malware #PyPi #Windows #StackOverflow #InformationStealer #Cybersecurity #SocialEngineering #SoftwareDevelopment #PythonPackages

Cybercriminals Abusing Stack Overflow to Distribute Malware

Date: May 30, 2024

CVE: Not specified

Vulnerability Type: Social Engineering, Malware Distribution

CWE: [[CWE-494]], [[CWE-434]], [[CWE-22]]

Sources: BleepingComputer

Synopsis

Cybercriminals are exploiting Stack Overflow to distribute malware by posing as helpful users and promoting malicious packages as solutions to programming queries.

Issue Summary

Cybercriminals are posing as users on Stack Overflow to answer questions with solutions that involve installing a malicious PyPi package named 'pytoileur'. This package, part of the "Cool package" campaign, targets Windows users by installing information-stealing malware.

Technical Key Findings

The malicious package 'pytoileur' includes a setup script that contains an obfuscated Base64 encoded command. This command, when decoded, downloads and executes a malware executable disguised as 'runtime.exe'. This malware is designed to steal sensitive information like cookies, passwords, browser history, and other data from web browsers.

Vulnerable Products

• Windows operating systems targeted via the PyPi package 'pytoileur'.

Impact Assessment

The malware can steal a wide range of personal and sensitive data, including login credentials, financial information, and personal documents. This data can be sold on dark web markets or used for further cyberattacks.

Patches or Workaround

Developers should always verify the authenticity of packages before installation and inspect the code for any obfuscated or unusual commands. No specific patches are provided, but vigilance in package verification is crucial.

Tags

#Malware #PyPi #Windows #StackOverflow #InformationStealer #Cybersecurity #SocialEngineering #SoftwareDevelopment #PythonPackages

Cybercriminals Abusing Stack Overflow to Distribute Malware

Date: May 30, 2024

CVE: Not specified

Vulnerability Type: Social Engineering, Malware Distribution

CWE: [[CWE-494]], [[CWE-434]], [[CWE-22]]

Sources: BleepingComputer

Synopsis

Cybercriminals are exploiting Stack Overflow to distribute malware by posing as helpful users and promoting malicious packages as solutions to programming queries.

Issue Summary

Cybercriminals are posing as users on Stack Overflow to answer questions with solutions that involve installing a malicious PyPi package named 'pytoileur'. This package, part of the "Cool package" campaign, targets Windows users by installing information-stealing malware.

Technical Key Findings

The malicious package 'pytoileur' includes a setup script that contains an obfuscated Base64 encoded command. This command, when decoded, downloads and executes a malware executable disguised as 'runtime.exe'. This malware is designed to steal sensitive information like cookies, passwords, browser history, and other data from web browsers.

Vulnerable Products

• Windows operating systems targeted via the PyPi package 'pytoileur'.

Impact Assessment

The malware can steal a wide range of personal and sensitive data, including login credentials, financial information, and personal documents. This data can be sold on dark web markets or used for further cyberattacks.

Patches or Workaround

Developers should always verify the authenticity of packages before installation and inspect the code for any obfuscated or unusual commands. No specific patches are provided, but vigilance in package verification is crucial.

Tags

#Malware #PyPi #Windows #StackOverflow #InformationStealer #Cybersecurity #SocialEngineering #SoftwareDevelopment #PythonPackages

Cybercriminals Abusing Stack Overflow to Distribute Malware

Date: May 30, 2024

CVE: Not specified

Vulnerability Type: Social Engineering, Malware Distribution

CWE: [[CWE-494]], [[CWE-434]], [[CWE-22]]

Sources: BleepingComputer

Synopsis

Cybercriminals are exploiting Stack Overflow to distribute malware by posing as helpful users and promoting malicious packages as solutions to programming queries.

Issue Summary

Cybercriminals are posing as users on Stack Overflow to answer questions with solutions that involve installing a malicious PyPi package named 'pytoileur'. This package, part of the "Cool package" campaign, targets Windows users by installing information-stealing malware.

Technical Key Findings

The malicious package 'pytoileur' includes a setup script that contains an obfuscated Base64 encoded command. This command, when decoded, downloads and executes a malware executable disguised as 'runtime.exe'. This malware is designed to steal sensitive information like cookies, passwords, browser history, and other data from web browsers.

Vulnerable Products

• Windows operating systems targeted via the PyPi package 'pytoileur'.

Impact Assessment

The malware can steal a wide range of personal and sensitive data, including login credentials, financial information, and personal documents. This data can be sold on dark web markets or used for further cyberattacks.

Patches or Workaround

Developers should always verify the authenticity of packages before installation and inspect the code for any obfuscated or unusual commands. No specific patches are provided, but vigilance in package verification is crucial.

Tags

#Malware #PyPi #Windows #StackOverflow #InformationStealer #Cybersecurity #SocialEngineering #SoftwareDevelopment #PythonPackages

Cybercriminals Abusing Stack Overflow to Distribute Malware

Date: May 30, 2024

CVE: Not specified

Vulnerability Type: Social Engineering, Malware Distribution

CWE: [[CWE-494]], [[CWE-434]], [[CWE-22]]

Sources: BleepingComputer

Synopsis

Cybercriminals are exploiting Stack Overflow to distribute malware by posing as helpful users and promoting malicious packages as solutions to programming queries.

Issue Summary

Cybercriminals are posing as users on Stack Overflow to answer questions with solutions that involve installing a malicious PyPi package named 'pytoileur'. This package, part of the "Cool package" campaign, targets Windows users by installing information-stealing malware.

Technical Key Findings

The malicious package 'pytoileur' includes a setup script that contains an obfuscated Base64 encoded command. This command, when decoded, downloads and executes a malware executable disguised as 'runtime.exe'. This malware is designed to steal sensitive information like cookies, passwords, browser history, and other data from web browsers.

Vulnerable Products

• Windows operating systems targeted via the PyPi package 'pytoileur'.

Impact Assessment

The malware can steal a wide range of personal and sensitive data, including login credentials, financial information, and personal documents. This data can be sold on dark web markets or used for further cyberattacks.

Patches or Workaround

Developers should always verify the authenticity of packages before installation and inspect the code for any obfuscated or unusual commands. No specific patches are provided, but vigilance in package verification is crucial.

Tags

#Malware #PyPi #Windows #StackOverflow #InformationStealer #Cybersecurity #SocialEngineering #SoftwareDevelopment #PythonPackages

IDK how I can be this late to realise there's 'pipx' for python package management, which is better than the old way of managing python packages 'pip'. I found it really nice that 'pipx' have a feature that allows to run a specific package to try it out before installing it. How comes I only realizing 'pipx' is existing just now 🤯 , like I have been leaving under a rock for years. 😅 🙄

#python #pythonpackages #pip #pipx

IDK how I can be this late to realise there's 'pipx' for python package management, which is better than the old way of managing python packages 'pip'. I found it really nice that 'pipx' have a feature that allows to run a specific package to try it out before installing it. How comes I only realizing 'pipx' is existing just now 🤯 , like I have been leaving under a rock for years. 😅 🙄

#python #pythonpackages #pip #pipx

IDK how I can be this late to realise there's 'pipx' for python package management, which is better than the old way of managing python packages 'pip'. I found it really nice that 'pipx' have a feature that allows to run a specific package to try it out before installing it. How comes I only realizing 'pipx' is existing just now 🤯 , like I have been leaving under a rock for years. 😅 🙄

#python #pythonpackages #pip #pipx

IDK how I can be this late to realise there's 'pipx' for python package management, which is better than the old way of managing python packages 'pip'. I found it really nice that 'pipx' have a feature that allows to run a specific package to try it out before installing it. How comes I only realizing 'pipx' is existing just now 🤯 , like I have been leaving under a rock for years. 😅 🙄

#python #pythonpackages #pip #pipx

IDK how I can be this late to realise there's 'pipx' for python package management, which is better than the old way of managing python packages 'pip'. I found it really nice that 'pipx' have a feature that allows to run a specific package to try it out before installing it. How comes I only realizing 'pipx' is existing just now 🤯 , like I have been leaving under a rock for years. 😅 🙄

#python #pythonpackages #pip #pipx

I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

https://github.com/ludothegreat/Python-Package-Security-Scanner

#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

https://github.com/ludothegreat/Python-Package-Security-Scanner

#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

https://github.com/ludothegreat/Python-Package-Security-Scanner

#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

https://github.com/ludothegreat/Python-Package-Security-Scanner

#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

https://github.com/ludothegreat/Python-Package-Security-Scanner

#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

To run the tool, I had to install #Python, and two #PythonPackages. It's running now. It will take several hours to download everything. I'm curious to see:
- How much disk space this takes up!
- The fidelity.

I've noticed already that #Photographs don't have their metadata, e.g.: DateTaken. So that reduces the usefulness for my purposes. But I can trace a photo back to the associated tweet to figure it out, if it matters.

#TwitterMigration

@dbc3 @ConserveLetters

To run the tool, I had to install #Python, and two #PythonPackages. It's running now. It will take several hours to download everything. I'm curious to see:
- How much disk space this takes up!
- The fidelity.

I've noticed already that #Photographs don't have their metadata, e.g.: DateTaken. So that reduces the usefulness for my purposes. But I can trace a photo back to the associated tweet to figure it out, if it matters.

#TwitterMigration

@dbc3 @ConserveLetters

To run the tool, I had to install #Python, and two #PythonPackages. It's running now. It will take several hours to download everything. I'm curious to see:
- How much disk space this takes up!
- The fidelity.

I've noticed already that #Photographs don't have their metadata, e.g.: DateTaken. So that reduces the usefulness for my purposes. But I can trace a photo back to the associated tweet to figure it out, if it matters.

#TwitterMigration

@dbc3 @ConserveLetters

To run the tool, I had to install #Python, and two #PythonPackages. It's running now. It will take several hours to download everything. I'm curious to see:
- How much disk space this takes up!
- The fidelity.

I've noticed already that #Photographs don't have their metadata, e.g.: DateTaken. So that reduces the usefulness for my purposes. But I can trace a photo back to the associated tweet to figure it out, if it matters.

#TwitterMigration

@dbc3 @ConserveLetters

To run the tool, I had to install #Python, and two #PythonPackages. It's running now. It will take several hours to download everything. I'm curious to see:
- How much disk space this takes up!
- The fidelity.

I've noticed already that #Photographs don't have their metadata, e.g.: DateTaken. So that reduces the usefulness for my purposes. But I can trace a photo back to the associated tweet to figure it out, if it matters.

#TwitterMigration

@dbc3 @ConserveLetters