TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

By rooter

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack.
Software supply chain security company ReversingLabs said it found the “vulnerability” in bootstrap files provided by a build and deployment automation tool named “zc.buildout.”
“The

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Life Mirrors Art: Ransomware Hits Hospitals on TV & IRL

rooter
Cyber Security

Cities Hosting Major Events Need More Focus on Wireless, Drone Defense

rooter
Cyber Security

Cities Hosting Major Events Need More Focus on Wireless, Drone Defense

rooter

Leave a Reply

You Missed

News

Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space

News

The Air Force’s new ICBM is nearly ready to fly, but there’s nowhere to put it

News

Under a Paramount-WBD merger, two struggling media giants would unite

News

If You Love ‘Chainsaw Man,’ You Should Read ‘Dorohedoro’ and ‘Dai Dark’ Immediately