Malicious code in cccxt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx bbf77e85143db2624a1691f94e6382f42d72ab92eec168499ba0ac0b1f0081d3 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

GuardDog 路径遍历漏洞

GuardDog is GuardDog open source a CLI tool that allows to identify malicious PyPI packages. A path traversal vulnerability exists in GuardDog versions prior to v0.1.8, which stems from the vulnerability to arbitrary file writes when scanning specially crafted remote PyPI packages, and the use of...