A group of hackers, named JINX-0164, has been contacting crypto devs via LinkedIn and inviting them to fake meetings that ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

The hacker group TeamPCP uploaded two malicious versions of the popular Python library LiteLLM to PyPI. Using a previously compromised version of the vulnerability scanner Trivy, the attackers stole ...

The popular Telnyx Python SDK is the latest victim of TeamPCP’s weeks-long supply chain campaign targeting the broad open source software ecosystem. The campaign started on March 19 with Aqua Security ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed. PyPI is ...

Two newly uncovered malware campaigns are exploiting open-source software across Windows and Linux environments to target enterprise executives and cloud systems, signaling a sharp escalation in both ...

Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access ...

A little bit of Python, a little bit of DLL sideloading When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Sophisticated LinkedIn phishing uses fake ...

X-enc is a tool for encoding and obfuscating files in various programming languages using base64 encoding. This tool supports multiple languages such as Python, Bash, HTML, JavaScript, and PHP. With ...