HackerTrans
トップ新着トレンドコメント過去質問紹介求人

Nickste

no profile record

投稿

Payment processor publishes official NPM package that leaks credit card data

getsafety.com
13 ポイント·投稿者 Nickste·昨年·0 コメント

コメント

Nickste
·12 か月前·議論
Mike is doing an incredible job of finding ways to make it harder for attackers to abuse PyPI (see the PyPI quarantine project). At Safety (previously PyUp) we've been tracking a significant increase in malicious packages that compromise you as soon as you install them. We've extended our open-source CLI tool with a "Firewall" capability that aims to protect against some of these kinds of attacks (typosquatting, slopsquatting) while not requiring any changes to the tooling you use (e.g. pip, uv, poetry).

You can check it out with: pip install safety && safety init
Nickste
·昨年·議論
Safety (previously PyUp) - https://getsafety.com - software supply chain security. Offices in Vancouver but team is all over Canada. Raised a large seed round from First Round and others.