Malicious PyPI package soopsocks downloaded 2,653 times before takedown, exfiltrating Windows data to Discord.
According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...
Overview: Python libraries simplify testing networks and detecting vulnerabilities in systems. Tools like YARA and ...
New Python language libraries with end-to-end integrity help organizations build software safer and more efficiently. KIRKLAND, Wash., May 14, 2025 /PRNewswire/ -- Chainguard, the secure foundation for ...
Confucius hackers target Pakistan with WooperStealer and Anondoor malware using phishing and DLL side-loading.
A PyPI package for an AI model was compromised and used to deliver malware. Victims were getting XMRig, a popular cryptominer, installed. The attack has since been addressed, but users warned to be on ...
Python developers working on Mac devices are being targeted by North Korean hackers once again, experts have warned. A report from cybersecurity researchers Unit 42 has claimed the attacks are, at ...
Introduction: Zscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In ...
The Python Package Index (PyPI), run by the Python Software Foundation, has officially invalidated all the publishing tokens that were stolen in the GhostAction supply chain attack that happened ...
A Python coding community is undergoing a software supply-chain attack, with threat actors targeting the 170,000-strong Top.gg GitHub organisation with malware. Top.gg began life as Discord Bots, ...