Oct 8, 2023 5 min read

Weekend Briefing No. 18

Python programmers beware of these malicious packages stealing your sensitive data!

Good Sunday morning! Welcome to this Weekend's Briefing, a day late because I was traveling! Expect interesting data points about the countries I visited in the forthcoming briefings! Caio!

Interesting data points

The median age in Portugal is 44.6 years; 42.7 for males and 43.6 for females
The Azores are an archipelago comprising nine islands that occupy a surface area of 2,346 km² (906 sq mi), they are active volcanically
The name Portugal comes from Latin and Roman meaning "Port of Gaya" and "harbor, port"
Portugal imports more goods ($112.413 billion - 2021 estimate) than it exports ($105.648 billion -2021 estimate)
Personal data point: the Sangria in Portugal was good and utilitarian but fair. I'll rate it 3 out of 5 stars

Hundreds of malicious Python packages found stealing sensitive data

Coming from the "fat finger" mistake corner, 272 Python packages were found to compromise your code if you accidentally misspelled them during a pip install or similar import command. Watch out for how you spell those packages!

The researchers warn that open-source communities and developer ecosystems continue to be susceptible to supply chain attacks, and threat actors upload malicious packages on widely used repositories and version control systems, such as GitHub, or package regitries like PyPi and NPM, daily.

Users are recommended to scrutinize the projects and package publishers they trust and be vigilant about typosquatting package names.

A full list of the malicious packages can be found on GitHub (subject to change).

Solar efficiency reaches 36.1%

A big breakthrough for solar efficiency research! Researchers in Germany have created a multijunction solar cell that can reach an efficiency of 36.1 percent! While that number sounds pretty low, it'll have a drastic effect on the levelized cost of electricity, also known as the "break even cost" of energy generation.

The only drawback, right now, is that these cells are more expensive to fabricate. Given the fact that the current cells have an efficiency of 27%, I believe that the fabrication process will be refined and become more cost effective in near future!

These solar cells are currently more expensive to fabricate than conventional silicon solar cells, which reach efficiencies of up to 27 percent. However, the very high efficiency of the multijunction cell is a great benefit for applications where the available space is limited and a large amount of solar power must be generated within a small area. Applications are foreseen in solar-powered electric cars, consumer products, and drones, for example.

Considering the solar cell/panel market is expected to triple by 2028, now might be the time to install a solar energy system on your house!

How change is created

I love the r/coolguides group, there are so many great infographics. Lately I've been thinking about how to create new healthy and personal habits. I found this infographic relatable because you can't have successful outcome without an idea, plan, and execution.

Build your own OSINT tools and APIs

I've been evaluating different OSINT (open source intelligence) tools out there and various Python packages keep "popping up" in my search. I recently came across the Python OSINT package.

It let's you scan domains, whether or not a site is using SSL, and host of other intelligence extraction methods. It does rely on a several other open source packages like: scapy, tld, netifaces, dnspython, beautifulsoup4, requests pyOpenSSL, lxml, and langdetect. Also known, in my book, as the usual suspects.

Help me reach my BHAG!

Hi friends, I have a very Big and Hairy Audacious Goal (BHAG) for the end of the year, I want to reach 1000 newsletter subscribers! I'm asking for your help to get this done so if you liked this newsletter (or any of the past articles), please share it on LinkedIn, Twitter, Reddit, or Facebook.