CVE-2022-44053 - How a PyPI Backdoor in d8s-htm and democritus-user-agents Put Python Developers at Risk
Python’s package repository, PyPI, has become a trusted source of libraries for millions of developers. But every once in a while, something sneaky makes
CVE-2022-43306 - The Backdoor in d8s-timer & d8s-htm Exposes Python Users to Code Execution
In 2022, the Python ecosystem found itself again battling the threat of supply chain attacks after the discovery of a backdoor in the d8s-timer and
CVE-2022-44052 - Unpacking a Python Supply Chain Attack — Malicious Backdoor in d8s-dates and d8s-htm
Python’s rich package ecosystem is one of its biggest strengths, but it’s also a major attack surface. Recent supply chain incidents have shown
CVE-2022-44049 - Code Execution Backdoor in d8s-python and Related PyPI Packages
Python developers depend deeply on the safety and trustworthiness of the open source ecosystem. However, every now and then, a threat sneaks in through a
CVE-2022-44051 - How a Malicious Backdoor Sneaked into d8s-stats and d8s-htm Python Packages
The Python world moves fast, and PyPI hosts millions of public packages you can install with just one command. But not all code is safe: