IEEE

Bad Snakes: Understanding and Improving Python Package Index Malware Scanning

Open-source, community-driven package repositories see thousands of malware packages each year, but do not currently run automated malware detection systems. In this work, we explore the security ...
IEEE

A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI

Abstract: Different security issues are a common problem for open source packages archived to and delivered through software ecosystems. These often manifest themselves as software weaknesses that may ...