
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Complex lines of code for manipulating strings are no more.
Installation is pretty easy.
pip install stringops
Import the necessary extended class
from stringops.manipulation import Manipulation
Manipulate -> add
# suppose there is some string say 'value'
value = "Hey This is me"
# I want to add a '.' at the end
value = Manipulation(value)
value = value.add(".")
# I also want to add another sentence to it.
value = value.add("How are you", "!")
# print it
print(value)
Manipulate -> half
# lets take the above variable 'value'.
value = Manipulation("hey, this is me")
# I want to divide the string into half and i want to get the left side of the result.
left_half = value.half("left")
right_half = value.half("right")
print(left_half, right_half)
Manipulate -> split
# using the same varibale 'value'.
value = Manipulation("hey, this is me")
# suppose i want to split the string based on white spaces and
# get the value that is in the index place of 1
# can be done using
# >>> value.split(" ")[1]
index_one_value: str = value.split(" ", 1)
# all the values can also be retrieved
all_values: list[str] = value.split(" ", "all")
CONVERT THIS
MANIPULATION
OBJECT TOREAD
value: Manipulation = Manipulation("hey, this is me")
value: Read = value.convert_to_read()
Importing
from stringops.read import Read
Read - check substring
value = Read("hey, this is me")
if value.there("he"):
return True
else:
return False
FAQs
Better String Operations
We found that stringops demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.