code repositories – Weekly Geek

Developers can’t seem to stop exposing credentials in publicly accessible code

Victor De Schwanberg/Science Photo Library via Getty Images reader comments 43 with Despite more than a decade of reminding, prodding, and downright nagging, a surprising number of developers still can’t bring themselves to keep their code free of credentials that provide the keys to their kingdoms to anyone who takes the time to look for… Read More »

Latest attack on PyPI users shows crooks are only getting better

reader comments 26 with Share this story More than 400 malicious packages were recently uploaded to PyPI (Python Package Index), the official code repository for the Python programming language, in the latest indication that the targeting of software developers using this form of attack isn’t a passing fad. All 451 packages found recently by security… Read More »