News
A researcher going by the handle mschwager on GitHub demonstrated an attack method that abuses the 'setup.py' file in Python modules to perform code execution when the package is installed.
They, too, modified the package installation files ... use a rogue pseudo-random number generator instead of Python's official secret module, an app's cryptographic functions might be easy ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback