all InfoSec news
PyPI package ‘ctx’ and PHP library ‘phpass’ compromised to steal environment variables
May 24, 2022, 9:53 a.m. | Ax Sharma
Security Boulevard securityboulevard.com
This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.
The post PyPI package ‘ctx’ and PHP library ‘phpass’ compromised to steal environment variables appeared first on Security Boulevard.
compromised devzone environment featured firewall library malware prevention network security package php pypi pypi vulnerability vulnerabilities
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Engineer 2
@ Oracle | BENGALURU, KARNATAKA, India
Oracle EBS DevSecOps Developer
@ Accenture Federal Services | Arlington, VA
Information Security GRC Specialist - Risk Program Lead
@ Western Digital | Irvine, CA, United States
Senior Cyber Operations Planner (15.09)
@ OCT Consulting, LLC | Washington, District of Columbia, United States
AI Cybersecurity Architect
@ FactSet | India, Hyderabad, DVS, SEZ-1 – Orion B4; FL 7,8,9,11 (Hyderabad - Divyasree 3)