CVE-2022-44054 - Hidden Backdoor in d8s-xml & Related Packages Threatens Python Apps
In late 2022, a concerning vulnerability surfaced in the Python ecosystem: CVE-2022-44054. This vulnerability revolved around a sneaky backdoor, slipped into the widely-available d8s-xml package
CVE-2022-43304 - The Hidden Threat in d8s-timer and Related Python PyPI Packages
Python’s open-source ecosystem is rich and vibrant, but it’s not immune from supply chain attacks. In October 2022, researchers revealed CVE-2022-43304, a serious
CVE-2022-44051 - How a Malicious Backdoor Sneaked into d8s-stats and d8s-htm Python Packages
The Python world moves fast, and PyPI hosts millions of public packages you can install with just one command. But not all code is safe:
CVE-2022-44049 - Code Execution Backdoor in d8s-python and Related PyPI Packages
Python developers depend deeply on the safety and trustworthiness of the open source ecosystem. However, every now and then, a threat sneaks in through a
CVE-2022-44052 - Unpacking a Python Supply Chain Attack — Malicious Backdoor in d8s-dates and d8s-htm
Python’s rich package ecosystem is one of its biggest strengths, but it’s also a major attack surface. Recent supply chain incidents have shown