Discover more from Grokking Python
Python news wrap-up for August 2022
Despite recent malware attacks, Python remains more popular than ever! Plus, news about Shiny for Python and exciting conferences in September
Hello Grokking Python readers, and happy Thursday!
August was quite a month for people in the Python and cybersecurity communities, so let’s dive right in.
PyPi phishing campaign and malware attack
Recent Python malware attacks used "typosquatting" to put thousands of developers at risk
PyPI published a Twitter thread reporting the details of a recent phishing campaign that used typosquatting to target its users. Reports of new malicious releases are currently under review.
If you believe you may have entered your credentials on a phishing site, make sure to:
Reset your password
Reset your 2FA recovery codes
Review your PyPI account for suspicious activity
What is typosquatting?
Typosquatting is a type of cyberattack in which hackers register domain names that are similar to popular website names, in the hope that users will mistype the name of the site and be redirected to the malicious site. This can lead to users inadvertently downloading malware or revealing personal information to the hackers.
Unsurprisingly, this method can also be used to deceive developers into downloading what they believe are popular Python packages. In fact, this is exactly what happened in July 2020, when the malicious Python "request" package was downloaded over 10,000 times by people who believed they were downloading the "requests" package.
A similar technique called StarJacking falsifies the GitHub Stars statistics for a package to make it appear popular. According to Checkmarx, an application security testing company, PyPi is one of the package managers where developers are especially vulnerable to both of these techniques.
As a final note, please remember to be aware of the risks that come with downloading and using packages as dependencies in your projects. Err on the side of caution, and always double-check your package names.
Python seizes the No. 1 spot on the TIOBE index for August 2022
The TIOBE Programming Community index is an indicator of the popularity of programming languages, and it’s indicating that Python is more popular than ever.
Python took first place on the TIOBE index for August with a +2% increase in popularity this month, and now represents 15.42% of the total index. This makes Python the most popular programming language in the world!
RStudio's Shiny for Python enters into Alpha
RStudio, a popular development environment for the R programming language, has announced the alpha release of its new Shiny for Python package. Shiny is a web application framework that allows Python developers to create interactive web applications without having to learn any web development skills.
If you're interested in testing it out or providing feedback, you'll be thrilled to know that you can learn Shiny completely within the browser, with no installation required!
EuroSciPy 2022 is just around the corner! The 14th annual European Conference on Python in Science will run from Aug. 29 through Sept. 2. Be sure to check it out if you're interested in using Python in scientific research.
DjangoCon Europe 2022 will be running from Sept. 21-25. Be sure to grab your tickets while they're still available! A limited quantity is left.
PyBay 2022: Food Truck Edition is coming to San Francisco and online for its 7th annual Python conference. There's a lineup of 25 speakers, and you can check out the full list on their website. If you're attending in person, you'll get to enjoy samples from nearly 20 food trucks, network with hiring companies, and listen to live music!
New Python courses on Educative
To end this month's update on a bright note, here are a couple of the latest Python courses to drop on Educative!
Want to build a strong foundation in using Square APIs for business applications but don't know where to start? This is a great course for beginners who want to learn how to accept payments securely, intermediate learners who want to explore Square API in more detail, and professionals who want to integrate Square API into their next project.
Note: This course is available for free!
In under 2 hours, you can:
Get familiarized with various Square APIs for business operations
Get a working knowledge of order creation and retrieval mechanisms using Square API
Learn how to generate and update invoices attached to order records using Square API
Learn how to make, record, and refund payments using Square API
Get hands-on experience integrating Square business and payment functions into a Django application using Square APIs
Prerequisites: A basic understanding of APIs and some fundamental knowledge of the Python programming language.
If you have more experience under your belt and want to learn how to build your own web APIs, then check out this course. You'll start from the basics of using REST API, move on to the framework for developing APIs in Python, and then build some neat projects to deploy on Microsoft Azure.
Note: This is a paid course, but you can try it by signing up for a free seven-day trial!
In under 3 hours, you will:
Understand the concept of an API
Learn about the FastAPI Python web framework
Learn to implement Optical Character Recognition
Learn and understand different services provided by Azure
Get familiarized with Git and GitHub
Build and Deploy an API to Microsoft Azure App Services
Prerequisites: Basic understanding of Python, logging, and programming concepts.
That’s it for now! We’ll be back next month with another recap, so stay tuned for more updates and news in the Python community.
As always, happy learning!
Thanks for reading Grokking Python! Subscribe for free to receive new posts and support our work.