Cybernews

Hackers hijack Microsoft packages to steal developer logins

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...
Yahoo Finance

Introducing Chainguard Libraries for Python: Malware-Resistant Dependencies Built Entirely from Source

Today, more than half of the world's developers rely on Python, a programming language that has become the foundation of modern AI and machine learning applications. As the popularity of Python has ...
CoinDesk

North Korean Hackers Are Targeting Top Crypto Firms With Malware Hidden in Job Applications

A North Korean hacking group is using Python-based malware disguised as fake job applications to target crypto workers. The malware, PylangGhost, is a variant of GolangGhost and aims to infiltrate ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...
Bleeping Computer

Fake password manager coding test used to hack Python developers

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. The attacks are part ...
IT News For Australia Business

Python supply chain exploited to distribute malware

A Python coding community is undergoing a software supply-chain attack, with threat actors targeting the 170,000-strong Top.gg GitHub organisation with malware. Top.gg began life as Discord Bots, ...