Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...
Copy Fail (CVE-2026-31431) is a severe logic flaw in the Linux kernel affecting every distribution since 2017. Patch your ...
DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...
Copy Fail, a logic bug in the Linux kernel, allows users to write 4-byte code into other files’ page cache and achieve root ...
Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...
A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
2don MSN
Top open source PyPI package with over 1 million downloads each month hacked to send out malware
This was not a case of stolen credentials, but rather of vulnerability exploitation.
The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...
Google has warned about a new cybercrime group that uses Microsoft Teams chat invitations and fake helpdesk messages to steal ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results