News

CSO Online1d
Hackers booby trap NPM with cross-language imposter packages
Developers adept at multiple coding languages are tricked into installing a familiar-sounding package from within the Node ...
The Hacker News2d
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
PyPI package 'discordpydebug' hides a RAT, downloaded 11,574 times, using stealthy HTTP polling to bypass defenses.
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python ...
The Hacker News5d
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Malicious Go and PyPI packages use Gmail and wget to exfiltrate data, wipe Linux disks, and hijack crypto credentials.