all InfoSec news
PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables
May 24, 2022, 9:53 a.m. | Ax Sharma
Sonatype Blog blog.sonatype.com
This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.
compromised devzone environment featured firewall library malware prevention package php pypi pypi vulnerability vulnerabilities
More from blog.sonatype.com / Sonatype Blog
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Compliance Architect - Experian Health (Can be REMOTE from anywhere in the US)
@ Experian | ., ., United States
IT Security Specialist
@ Ørsted | Kuala Lumpur, MY
Senior, Cyber Security Analyst
@ Peloton | New York City
Cyber Security Engineer | Perimeter | Firewall
@ Garmin Cluj | Cluj-Napoca, Cluj County, Romania
Pentester / Ethical Hacker Web/API - Vast/Freelance
@ Resillion | Brussels, Belgium