<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1076912843267184&amp;ev=PageView&amp;noscript=1">
[New] Gartner® Leader's Guide to Software Supply Chain Security
Get the Report
Complex Binary Analysis is Critical for Software Supply Chain Security
Read Why
Insights from OWASP: Future-Proofing SBOMs with CycloneDX
Watch Now
July 23, 2019

Malware in PyPI Code Shows Supply Chain Risks

A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories

Dark Reading - Suppy blog

Read More: https://www.darkreading.com/application-security/malware-in-pypi-code-shows-supply-chain-risks/d/d-id/1335310

If you want to take a deeper look at our research, check our blog: https://blog.reversinglabs.com/blog/suppy-chain-malware-detecting-malware-in-package-manager-repositories

MORE NEWS

Static Binary Analysis: A Final Exam for Software Supply Chain Protection
News | April 22, 2024
Static Binary Analysis: A Final Exam for Software Supply Chain Protection
ReversingLabs’ Director of Product Management Charlie Jones explains how the attack surface within today’s software supply chains has grown exponentially.
Read More
SecurityWeek: VulnerabilitiesCVE and NVD – A Weak and Fractured Source of Vulnerability Truth
News | April 03, 2024
SecurityWeek: VulnerabilitiesCVE and NVD – A Weak and Fractured Source of Vulnerability Truth
The Common Vulnerabilities and Exposures (CVE) List and the consequent National Vulnerability Database (NVD) can no longer be considered a single central source of vulnerability truth.
Read More
SC Media: Odd NuGet package for industrial equipment raises espionage concerns
News | March 28, 2024
SC Media: Odd NuGet package for industrial equipment raises espionage concerns
ReversingLabs Threat Researcher Petar Kirhmajer published a blog post detailing the research team’s findings on Tuesday.
Read More