IEEE

Evaluating Python Static Code Analysis Tools Using FAIR Principles

Abstract: The quality of modern software relies heavily on the effective use of static code analysis tools. To improve their usefulness, these tools should be evaluated using a framework that ...
IEEE

Fileless Attack Patterns Implemented in Python: Design, Encryption, and Detection Lessons

Abstract: This paper presents a controlled, pedagogical demonstration showing how high-level programming conveniences can be used to build compact, fileless malware for classroom instruction in ...

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...