PyPI Supply Chain Attacks Hit Python and NPM Users on Windows and Linux
Checkmarx Zero researchers have uncovered a sophisticated supply chain attack campaign targeting Python and NPM package ecosystems through typo-squatting techniques against the popular colorama...
Malicious PyPI Package Steals Solana Wallets Private Key Via Supply Chain Attack
A significant supply chain attack has been uncovered in the Python Package Index (PyPI), placing thousands of Solana developers at risk through a malicious...
Threat Actors Weaponize Fake AI Websites to Unleash Python Infostealers
The threat group tracked as UNC6032 has been exploiting the global interest in artificial intelligence (AI) by deploying large-scale infostealer campaigns.
The campaign leverages fraudulent...
Cybercriminals Exploit TikTok and Instagram APIs to Validate Compromised Accounts
Cybersecurity researchers have uncovered a wave of malicious software packages on the Python Package Index (PyPI) designed to systematically exploit TikTok and Instagram APIs...
Malicious PyPI Package Exploits Developers to Exfiltrate Source Code
A new supply chain attack has been uncovered in the Python ecosystem, as security researchers from RL identified a malicious package named solana-token on...
