The vulnerability in question is CVE-2007-4559, initially described as a directory traversal vulnerability in Python’s ‘tarfile’ module that could allow an attacker to remotely overwrite arbitrary files by convincing users to process specially crafted tar archives. The flaw was never properly patched and instead users were warned not to open archive files from untrusted sources. […]
Posts Tagged ‘Python’
Threat actors have been using typosquatting to attack Python developers(opens in new tab) with malware, researchers have claimed. Experts from Spectralops.io recently analyzed PyPI, a software repository for Python programmers, and found ten malicious packages on the platform. All of these were given names that are almost identical to the names of legitimate packages in […]
Category Cyber-crimeMalware
0 Comments
An unknown and likely advanced threat actor is using a novel combination of open source tools, steganography, and a detection bypass technique to attack government agencies, real estate companies, and construction firms in France. Researchers from Proofpoint tracking the phishing campaign have so far not been able to identify either a motive for it or […]
Category Cyber-crimePhishing
0 Comments
SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments