CoinTelegraph

Crypto-stealing malware discovered in Python Package Index — Checkmarx

According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...
Bleeping Computer

Ten Malicious Libraries Found on PyPI - Python Package Index

The Slovak National Security Office (NBU) has identified ten malicious Python libraries uploaded on PyPI — Python Package Index — the official third-party software repository for the Python ...
WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
Ars Technica

PyPI halted new users and projects while it fended off supply-chain attack

PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious code on any ...
Arabian Post on MSN

Pyronut malware targets Telegram bot developers

A malicious Python package masquerading as a legitimate Telegram development tool has been identified as a vehicle for remote code execution attacks, raising concerns about supply chain security ...
Infosecurity-magazine.com

PyPI Revival Hijack Puts Thousands of Applications at Risk

A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI.