
Leaked admin access token to Python, PyPI, and PSF GitHub repos


The JFrog Security Research team recently discovered and reported a leaked access token with administrator access to the GitHub repositories of Python, PyPI and the Python Software Foundation. The token was exposed in a public Docker container hosted on Docker Hub.

As a community service, the JFrog Security Research team continuously scans public repositories such as Docker Hub, NPM, and PyPI to identify malicious packages and leaked secrets.

| GitHub Organization | # of Repositories with admin access |
|---|---|
| python | 91 |
| pypa | 55 |
| psf | 42 |
| pypi | 21 |

The implications of someone finding this leaked token could be extremely severe.

We highly recommend using this feature, as we frequently encounter situations where a token providing ultimate access to the entire infrastructure gets leaked within a side project or temporary “hello-world” application.
