In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17 ...

Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.