News

Security Boulevard9d
Malicious attack method on hosted ML models now targets PyPI
Artificial intelligence (AI) and machine learning (ML) are now inextricably linked to the software supply chain. ML models, ...
Bleeping Computer24d
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. Named "discordpydebug ...
The Hacker News5d
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a ...
Google Apps Script abused to launch dangerous phishing attacks
Threat actors have been seen abusing Google Apps Script to launch convincing phishing attacks and steal people’s Microsoft ...
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors are abusing the trusted Google platform 'Google Apps Script' to host phishing pages, making them appear ...
TechRadar27d
Gmail servers hijacked by malicious PyPI packages to spread havoc - here's how to stay safe
reported them to the Python repository and thus helped get them removed from the platform - however the damage has already been done. According to Socket, there were seven malicious PyPI packages ...
Developer Tech9d
60 malicious npm packages caught mapping developer networks
The npm registry is once again in the spotlight, this time battling a malware campaign using malicious packages to map ...
CSO Online2d
Warning: Threat actors now abusing Google Apps Script in phishing attacks
According to new research from Cofense, a new attack has been discovered where, if an employee clicks on a link in a phishing email, they get taken to a page on script [.]google [.]com. The attacker ...