Series: How Malicious Python Code Gains Execution
Phylum blog.phylum.io
The primary vector for malicious code running in software developer environments (e.g., local systems, CI/CD runners, production servers) is software dependencies. This is third-party code, which often means open-source software, also known as running code from strangers on the internet.
The prized goal for attackers is arbitrary