News

The package, named solana-token, is no longer available for download from PyPI, but not before it was downloaded 761 times.
Python is one of the world’s most popular ... This gives cybercriminals an opportunity to smuggle malicious code, and infect countless projects through the software supply chain.
AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for ...
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python ...
Chainguard Libraries for Python isn't just another repository; it’s an index of Python dependencies engineered to be ...
It’s not just Python, either. A similar issue was found ... Each package contained malicious code that grabbed environment variables and uploaded them to the author. How many web devs installed ...
Chainguard, the secure foundation for software development and deployment, today announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from source ...
Seven malicious PyPI packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command ...
Slopsquatting and vibe coding are fueling a new wave of AI-driven cyberattacks, exposing developers to hidden risks through fake, hallucinated packages.