News

Bleeping Computer3y
Popular Python and PHP libraries hijacked to steal AWS keys
Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a heroku app, likely to mine AWS credentials.
Bleeping Computer3y
Hacker says hijacking libraries, stealing AWS keys was ethical research
Yesterday, developers took notice of two hugely popular Python and PHP libraries, respectively, 'ctx' and 'PHPass' that had been hijacked, as first reported in the news by BleepingComputer.
ZDNet3y
AWS's AI code reviewer now spots Log4Shell-like bugs in Java and Python ...
Amazon Web Services' automated code review helps developers find serious security issues in Java and Python applications. Written by Liam Tung, Contributing Writer Feb. 16, 2022, 4:21 a.m. PT ...