According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...

Cybersecurity experts at ReversingLabs have unveiled a concerning continuation of the infamous VMConnect campaign. This ongoing assault, initially discovered in early August, has revealed an insidious ...

A new package mimicked the popular 'requests' library on the Python Package Index (PyPI) to target macOS devices with the Sliver C2 adversary framework, used for gaining initial access to corporate ...

Researchers have come across a rather odd Python code package online that aims to steal Google Cloud Platform credentials from a very limited set of macOS victims. The package, "lr-utils-lib," was ...

One of North Korea's most sophisticated threat groups has been hiding remote access malware for macOS and Linux inside of open source Python packages. North Korean advanced persistent threats (APTs) ...

PyPI is the official Python Package Index that currently contains 500,972 projects, 5,228,535 million releases, 9,950,103 million files, and 770,841 users. PyPI helps users locate and install software ...

A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI.

The administrators of the Python Package Index (PyPI) have begun an effort to improve the hundreds of thousands of software packages that are listed. The attempt, which began earlier last year, is to ...

Researchers discover three-year old malicious package in PyPI The package is a typosquatted version of Fabric, with 37,000 downloads Its goal is to steal AWS login credentials from the developers A ...

When attackers compromised Ultralytics YOLO, a popular real-time object detection machine-learning package for Python, most assumed the Python Package Index, or PyPI, must be the point of failure.