The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
InfoWorld

CPython vs. PyPy: Which Python runtime has the better JIT?

JIT compiler stack up against PyPy? We ran side-by-side benchmarks to find out, and the answers may surprise you.
WinBuzzer

ChatGPT Containers Gain Bash Support and Multi-Language Code

ChatGPT has quietly gained bash support and multi-language capabilities, enabling users to run commands and install packages in containers without official announcements.
GitHub

Static code analyzer for .NET (Nuget package) based on Security Code Scan.

In most cases, you will want to simply add a new source, sink, sanitizer to existing ruleset. Or probably just a new sink. Check Config/Main.yml file. Entry points are the methods or classes where ...
GitHub

Python 3.12 backport for Debian 12 bookworm

The aim of this project is to provide a Python 3.12 backport to Debian bookworm. Packages are of course much better manageable than compiling the source from scratch. In my opinion it is also more ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...