Search results for python | Breaking Cybersecurity News | The Hacker News

Python has its pros and cons, but it's nonetheless used extensively. For example, Python is frequently used in data crunching tasks even when there are more appropriate languages to choose from. Why? Well, Python is relatively easy to learn. Someone with a science background can pick up Python much more quickly than, say, C. However, Python's inherent approachability also creates a couple of problems. Whenever Python is updated, it means a big refactoring workload, which often gets dealt with poorly – or not at all. That leads to poor performance and security vulnerabilities. But maybe there is a better way: a tool to keep your Python tasks running smoothly and securely day in, day out. Let's take a look. It's slow, but it does the job Python isn't the fastest language around, but despite its comparative disadvantages, you'll often see it used for intensive data crunching operations. Think machine learning, computer vision, or even pure math in high-perform...

When we started our brand new THN Deals Store last week on the special occasion of company's 6th Anniversary, we introduced its very first product, Professional Hacking Certification Package, and received great response from our readers. Thank you! If you have not yet, you can still get this deal — Computer Hacker Professional Certification Package — at 96% discount. This Package offers you all the material and training you require to help pass any of five professional hacker certifications, including CISSP, CISM, CISA, Ethical Hacker and Forensics Investigator to become certified penetration tester. It is a very well known fact that nobody can teach you hacking directly. You need to learn some programming languages to get started, as well as to have knowledge of some basic platforms. I frequently receive emails and messages on what programming language should we learn? So the answer is — Python . But, Why Python? Because it is an excellent programming language that ha...

Did you know it's now possible to build blockchain applications, known also as decentralized applications (or "dApps" for short) in native Python? Blockchain development has traditionally required learning specialized languages, creating a barrier for many developers… until now. AlgoKit , an all-in-one development toolkit for Algorand, enables developers to build blockchain applications in pure Python. This article will walk you through the benefits of building blockchain applications, why Python is an ideal choice for dApp development, how to set up your blockchain development environment, and how to start building secure blockchain applications in native Python.  Why build blockchain applications?  Blockchain application development goes far beyond creating a decentralized database and peer-to-peer transactions. It unlocks a new level of trust, security, and efficiency for various applications. Guarantee tamper-proof records: Blockchain creates an immutable and transpar...

Python is an excellent programming language that has rapidly become popular among Hackers, Reverse engineers, software testers, Forensic analyst and Penetration testers. Python is a simple object-oriented and minimalistic language that is easy to learn for novice programmers as well as experienced developers. Most Python programs run on all major operating systems including Windows, Linux, Mac, etc. What makes Python such an effective platform for Security Professional and Hackers? Python supports pre-built extensive libraries that are specifically designed for penetration testing and provide some powerful functionalities. So if you are looking for a most widely used and easy to learn scripting language, go for Python. Here I'm introducing you a Free IT training from Cybrary – Python for Security Professionals . There is nothing wrong if I say that scripting languages like BASH, Perl, and Ruby can not do the same things as Python, but building those ca...

Confusing Attackers with Artillery By Dave Kennedy (ReL1K) Dave Kennedy (ReL1K) , A security ninja & penetration tester develop Another amazing tool for Linux Protection, Named " Artillery ". This Article is written by Dave for our January Issue of The Hacker News Magazine , We like to share with our website Readers also: I've traditionally been on the offensive side of security through my career. With tools that I've developed like Fast-Track and The Social-Engineer Toolkit (SET), it's primarily focused on the attack front. Awhile back I had an idea of creating a more defensive tool around both Windows and *nix systems and keep things open-source as usual. I started Artillery about three months ago with the intent of developing an open-source project that does a bit of everything. The name " Artillery " spawns from one of my favorite techno bands Infected Mushroom and enhances the overall security of whatever touches it. Artillery supports both Linux and Windows and ...

Python is everywhere in modern software. From machine learning models to production microservices, chances are your code—and your business—depends on Python packages you didn't write. But in 2025, that trust comes with a serious risk. Every few weeks, we're seeing fresh headlines about malicious packages uploaded to the Python Package Index (PyPI)—many going undetected until after they've caused real harm. One of the most dangerous recent examples? In December 2024, attackers quietly compromised the Ultralytics YOLO package, widely used in computer vision applications. It was downloaded thousands of times before anyone noticed. This wasn't an isolated event. This is the new normal. Python supply chain attacks are rising fast—and your next pip install could be the weakest link. Join our webinar to learn what's really happening, what's coming next, and how to secure your code with confidence. Don't wait for a breach. Watch this webinar now and take control. . What's Really Going ...

Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools. "It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed," ReversingLabs analyst Karlo Zanki  said  in a report shared with The Hacker News. The package in question is  fshec2 , which was removed from the third-party software registry on April 17, 2023, following responsible disclosure on the same day. PYC files are compiled bytecode files that are generated by the Python interpreter when a Python program is executed. "When a module is imported for the first time (or when the source file has changed since the current compiled file was created) a .pyc file containing the compiled code should be created in a __pycache__ subdirectory of the directory containing the .py file,"  explains  the Python documentation. Th...

This newly discovered bugs in Java and Python is a big deal today. The two popular programming languages, Java and Python, contain similar security flaws that can be exploited to send unauthorized emails and bypass any firewall defenses. And since both the flaws remain unpatched, hackers can take advantage to design potential cyber attack operations against critical networks and infrastructures. The unpatched flaws actually reside in the way Java and Python programming languages handle File Transfer Protocol (FTP) links, where they don't syntax-check the username parameter, which leads to, what researchers call, protocol injection flaw. Java/Python FTP Injection to Send Unauthorized SMTP Emails In a blog pos t published over the past week, security researcher Alexander Klink detailed the FTP protocol injection vulnerability in Java's XML eXternal Entity (XXE) that allows attackers to inject non-FTP malicious commands inside an FTP connection request. To demonst...

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials. The package in question is " fabrice ," which typosquats a popular Python library known as " fabric ," which is designed to execute shell commands remotely over SSH.  While the legitimate package has over 202 million downloads, its malicious counterpart has been downloaded more than 37,100 times to date. As of writing, "fabrice" is still available for download from PyPI. It was first published in March 2021. The typosquatting package is designed to exploit the trust associated with "fabric," incorporating "payloads that steal credentials, create backdoors, and execute platform-specific scripts," security firm Socket said . "Fabrice" is designed to carry out its malicious actions ...

Three additional rogue Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply chain campaign called  VMConnect , with signs pointing to the involvement of North Korean state-sponsored threat actors. The  findings  come from ReversingLabs, which detected the packages tablediter, request-plus, and requestspro. First disclosed at the start of the month by the company and Sonatype,  VMConnect  refers to a collection of Python packages that mimic popular open-source Python tools to download an unknown second-stage malware. The latest tranche is no different, with ReversingLabs noting that the bad actors are disguising their packages and making them appear trustworthy by using typosquatting techniques to impersonate prettytable and requests and confuse developers. The nefarious code within tablediter is designed to run in an endless execution loop in which a remote server is polled periodically ...

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Software supply chain security company ReversingLabs said it found the "vulnerability" in bootstrap files provided by a build and deployment automation tool named "zc.buildout." "The scripts automate the process of downloading, building, and installing the required libraries and tools," security researcher Vladimir Pezo said . "Specifically, when the bootstrap script is executed, it fetches and executes an installation script for the package Distribute from python-distribute[.]org – a legacy domain that is now available for sale in the premium price range while being managed to drive ad revenue." The PyPI packages that include a bootstrap script that accesses the domain in question include tornado, pypiserver, slapos.core, roman, x...

It's no secret that learning how to code is one of the most important things you can do when it comes to the beginning or furthering practically any career in programming and technology. The only problem a beginner often faces is that there are seemingly countless programming languages to choose from, which makes it exceedingly difficult for aspiring or even seasoned programmers to know which language to learn next. But if you haven't already learned Python, look no further. Python is no doubt one of the most powerful and popular programming languages on the planet, and the Complete Python Programming Bundle will teach you everything you need to know for more than 90% off at just $79. With seven modules led by expert instructors, this bundle walks you through everything from the fundamental aspects of Python to its most advanced tricks and tools. Whether you're just embarking on a career in coding and development, or you are a veteran programmer who wants to add...

For anyone with interest in  cybersecurity , learning Python is a must. The language is used extensively in white hat hacking, and professionals use  Python  scripts to automate tests. It also has a use in the "soft" side of cybersecurity — like scraping the web for compromised data and detecting bugs.  Featuring nine full-length video courses,  The Complete 2022 Python Programmer Bundle  helps you come to grips with this powerful programming language. The included training is worth $1,791 altogether. But thanks to a special price drop, readers of The Hacker News can  get the bundle today for just $39 . Special Offer — This library of Python video training includes 46 hours of content, and you can get lifetime access today  for just $39 ! When each new year of computer science talent arrives at MIT and Stanford, one of the first languages they learn is Python.  Why? Well, it's relatively easy to read. But just as importantly, it's super...

Knock v1.5  - Subdomain Scanner , allows to bypass wildcard Knock is a python script, written by Gianni 'guelfoweb' Amato, designed to enumerate subdomains on a target domain through a wordlist. This program is self contained, doesn't need to be installed in any particular location. All it needs is a recent version of Python 2.xOnly for use the Zone Transfer option (-zt) you must install the module dnspython, otherwise you can do without. If the name server allows zone transfers to occur, all the DNS names and IP addresses hosted by the name server will be returned in human-readable ASCII text. Usage $ python knock.py <option> <url> Rapid Scan Scanning with internal wordlist: $ python knock.py <url> Scanning with external wordlist: $ python knock.py <url> <wordlist> Options -zt Zone Transfer discovery: $ python knock.py -zt <url> -dns Dns resolver: $ python knock.py -dns <url> -wc Wildcard testing: $ python knock.py ...

A new fileless attack dubbed  PyLoose  has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using  memfd , a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad  said . "This is the first publicly documented Python-based fileless attack targeting cloud workloads in the wild." The cloud security firm said it found nearly 200 instances where the attack method was employed for cryptocurrency mining. No other details about the threat actor are currently known other than the fact that they possess sophisticated capabilities. In the infection chain documented by Wiz, initial access is achieved through the exploitation of a publicly accessible Jupyter Notebook service that allowed for the execution of system commands using Python modules. PyLoose , first detected on...

A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named  colourfool , was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware  Colour-Blind . "The 'Colour-Blind' malware points to the democratization of cybercrime that could lead to an intensified threat landscape, as multiple variants can be spawned from code sourced from others," Kroll researchers Dave Truman and George Glass  said  in a report shared with The Hacker News. colourfool, like  other rogue Python modules  discovered in recent months, conceals its malicious code in the setup script, which points to a ZIP archive payload hosted on Discord. The file contains a Python script (code.py) that comes with different modules designed to log keystrokes, steal cookies, and even disable security software. The malware, besides performing def...