IEEE

Evaluating Python Static Code Analysis Tools Using FAIR Principles

Abstract: The quality of modern software relies heavily on the effective use of static code analysis tools. To improve their usefulness, these tools should be evaluated using a framework that ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

An AI agent just tried to shame a software engineer after he rejected its code

Sign of the times: An AI agent autonomously wrote and published a personalized attack article against an open-source software maintainer after he rejected its code contribution. It might be the first ...
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and data-stealing malware.
GitHub

De4py: toolkit for python reverse engineering

⚠️ de4py is FREE & OPEN SOURCE (GPL-3.0). Any paid versions sold elsewhere are NOT official. If you paid for de4py, you were misled. De4py is an advanced Python deobfuscator with a beautiful UI ...
GitHub

AgentRun: Run AI Generated Code Safely

AgentRun is a Python library that makes it easy to run Python code safely from large language models (LLMs) with a single line of code. Built on top of the Docker Python SDK and RestrictedPython, it ...