Bleeping Computer

Popular Python and PHP libraries hijacked to steal AWS keys

PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. The ...
TheServerSide

Create your first Python AWS Lambda function in minutes

Community driven content discussing all aspects of software development from DevOps to design patterns. Ready to develop your first AWS Lambda function in Python? It really couldn’t be easier. The AWS ...
ZDNet

AWS's AI code reviewer now spots Log4Shell-like bugs in Java and Python code

Amazon Web Services (AWS) has updated the 'detectors' in its CodeGuru Reviewer tool to seek out log injection flaws like the recently disclosed Log4Shell bug in the popular Java logging library Log4J.
Computing

PyPI package 'ctx' and PHP library 'phpass' hijacked to obtain AWS keys

Security researchers this week identified two corrupt Python and PHP packages in what appears to be yet another instance of a software supply chain attack targeting the open-source ecosystem. Python ...