CVE-2022-43304 - The Hidden Threat in d8s-timer and Related Python PyPI Packages
Python’s open-source ecosystem is rich and vibrant, but it’s not immune from supply chain attacks. In October 2022, researchers revealed CVE-2022-43304, a serious
CVE-2022-44054 - Hidden Backdoor in d8s-xml & Related Packages Threatens Python Apps
In late 2022, a concerning vulnerability surfaced in the Python ecosystem: CVE-2022-44054. This vulnerability revolved around a sneaky backdoor, slipped into the widely-available d8s-xml package