all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Series: How Malicious Python Code Gains Execution

Add to bookmarks
April 24, 2024, 6:11 p.m. | Charles Coggins

Phylum blog.phylum.io

The primary vector for malicious code running in software developer environments (e.g., local system, CI/CD runners, production servers, etc.) is software dependencies. This is third-party code which often means open-source software, also known as running code from strangers on the internet.

The prized goal for attackers is arbitrary

attackers code dependencies developer environments etc gains goal insights and resources internet local malicious open-source software party production python runners running series servers software software developer system third third-party

Visit resource

More from blog.phylum.io / Phylum

Compiled Python Files 2 days, 4 hours ago | blog.phylum.io
can files insights and resources intent +6
Python Executable Hooks 4 days, 23 hours ago | blog.phylum.io
can code customization global +6
Malicious Go Binary Delivered via Steganography in PyPI 1 week ago | blog.phylum.io
automated binary called detection +13
Adding Spurious Wheels to PyPI 1 week, 1 day ago | blog.phylum.io
artifacts easy hide insights and resources +8
Modern Python Build Hooks 1 week, 4 days ago | blog.phylum.io
arbitrary code arbitrary code execution build building +7
Devious Python Build Requirements 2 weeks, 4 days ago | blog.phylum.io
arbitrary code attackers build code +5
Python Package Installation Attacks 3 weeks, 3 days ago | blog.phylum.io
attackers attacks back code +14
Python Trojan Functions and Imports 3 weeks, 3 days ago | blog.phylum.io
calling code concept functions +10
Python Package Spoofing 3 weeks, 3 days ago | blog.phylum.io
authors code developers foundation +18

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Security Operations Manager-West Coast

@ The Walt Disney Company | USA - CA - 2500 Broadway Street
View on infosec-jobs.com

Vulnerability Analyst - Remote (WFH)

@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
View on infosec-jobs.com

Senior Mainframe Security Administrator

@ Danske Bank | Copenhagen V, Denmark
View on infosec-jobs.com