Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious…
How to Stop Python Supply Chain Attacks—and the Expert Tools You Need
Aug 07, 2025The Hacker NewsDevSecOps / Supply Chain Security Python is everywhere…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python…
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Jul 28, 2025Ravie LakshmananMalware / Developer Tools In what's the latest instance…
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
May 03, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered…
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP)…
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Mar 07, 2025Ravie LakshmananMalware / Blockchain Cybersecurity researchers have discovered a malicious…
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
Feb 03, 2025Ravie LakshmananOpen Source / Software Security The maintainers of the…
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
Dec 24, 2024Ravie LakshmananMalware / Data Exfiltration Cybersecurity researchers have flagged two…