Devious Python Build Requirements
Build requirements in Python source distributions allow attackers to execute arbitrary code in an isolated build environment that is automatically deleted after use.
Charles Coggins
Senior Software Engineer, responsible for integrations and author of the "phylum" Python package. Documentation and quality champion, runner, baseball and scout dad, pod-faster, and lover of outdoors.
Python Package Installation Attacks
Arbitrary code execution is possible, and even common, during package installation. Find out how attackers use this to their advantage.
Python Trojan Functions and Imports
Learn basic techniques attackers use to create malicious packages with trojan features found in attacks including typosquatting, starjacking, dependency confusion, and lockfile injection.
Python Package Spoofing
Find out how easy it is for threat actors to spoof legitimate Python packages as the foundation of their attacks on the software supply chain.
Series: How Malicious Python Code Gains Execution
The primary vector for malicious code running in software developer environments (e.g., local system, CI/CD runners, production servers, etc.) is software dependencies. This is third-party code which often means open-source software, also known as