Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code…
Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices
Cybersecurity researchers have disclosed details of a new campaign that leverages a…
Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious…
How to Stop Python Supply Chain Attacks—and the Expert Tools You Need
Aug 07, 2025The Hacker NewsDevSecOps / Supply Chain Security Python is everywhere…
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Aug 04, 2025Ravie LakshmananMalware / Browser Security Cybersecurity researchers are calling attention…
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers
Aug 04, 2025Ravie LakshmananAI Security / Vulnerability A newly disclosed set of…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python…
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Jul 23, 2025Ravie LakshmananSoftware Integrity / DevSecOps Google has announced the launch…
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors…