Tag: python
41 articles

Stealthy Malware Campaign by Banana Squad Aims at Developers on GitHub
Stealthy malware campaign by Banana Squad targets GitHub developers, exploiting vulnerabilities to deliver malicious payloads and compromise projects.

Serpentine Shadows: Cloudflare Tunnels Exploited for Python Malware Injections
Discover how Serpentine Shadows exploit Cloudflare Tunnels for Python malware injections, revealing vulnerabilities in web security measures.

Cloudflare Tunnels Exploited in New Malware Campaign Delivering RATs through Phishing Chains
Cloudflare Tunnels exploited in a new malware campaign, delivering RATs via sophisticated phishing chains. Stay vigilant against these threats.

Unveiling a Multi-Stage Malware Attack Targeting the Python Package Index
Explore the intricate details of a multi-stage malware attack targeting the Python Package Index, revealing its impact and security implications.

Developer Credentials at Risk: Malicious PyPI Package Discovered
“Discover how a malicious PyPI package threatens developer credentials, exposing vulnerabilities in Python’s package ecosystem.”

PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Malware surge exploits PyPI, npm, and AI tools in DevOps and cloud environments. Learn how attackers leverage these vulnerabilities to compromise systems.

Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data
Beware: Malicious PyPI package disguised as Chimera module steals AWS credentials, CI/CD secrets, and macOS data.

Ex-Black Basta Ex-Members Harness Microsoft Teams and Python Scripts in 2025 Cyber Attacks
Ex-Black Basta ex-members harness Microsoft Teams and Python scripts in 2025 cyber attacks—signaling evolving digital warfare tactics.

Discovery of a Malicious Machine Learning Model Attack on PyPI
Discovery of a malicious machine learning model attack on PyPI exposing new vulnerabilities in Python packages and urging enhanced security measures.

Malicious PyPI Packages Use Social Media APIs to Validate User Accounts
Malicious PyPI packages exploit social media APIs to validate user accounts, heightening risk and enabling targeted deception.

New Malware on PyPI Poses Threat to Open-Source Developers
New malware on PyPI threatens open-source developers by injecting malicious code. Immediate vigilance and security measures are essential.

Deceptive PyPI Package Masquerading as a Solana Tool Pilfers Source Code in 761 Downloads
Deceptive PyPI package masquerading as a Solana tool pilfers source code in 761 downloads, exposing critical vulnerabilities for unsuspecting developers.

PyPi Package Conceals RAT Malware, Targeting Discord Developers Since 2022
PyPi package camouflages RAT malware targeting Discord developers since 2022, exposing a dangerous supply chain threat.

Researchers Discover Malware in Bogus Discord PyPI Package Accumulating Over 11,500 Downloads
Researchers uncovered malware in a fake Discord PyPI package, racking up over 11,500 downloads and sparking significant cybersecurity alerts.

Malicious PyPI packages abuse Gmail, websockets to hijack systems
Malicious PyPI packages exploit Gmail and websockets to hijack systems, raising cybersecurity concerns and necessitating enhanced threat detection mechanisms.

Secure AI Code Generation: Why Good Prompts Matter More Than You Think
Secure AI code generation starts with good prompts. Learn how poor instructions – not AI itself – are the real cause of insecure, vulnerable code.

New Malicious PyPI Package Exploits MEXC Trading API to Hijack Credentials and Orders
New malicious PyPI package targets MEXC Trading API, hijacking user credentials and orders, posing serious security risks for traders.