Bleeping Computer

Hackers bombard PyPi platform with information-stealing malware

The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to the platform to steal software developers' data. The ...
The Mandarin

ASD launches malware analysis freeware

“The ASD has released Azul, an open‑source malware analysis tool, designed for large-scale malware analysis by network defenders, incident responders, and malware analysts in large organisations and ...
Dark Reading

Hackers Hide Remcos RAT in GitHub Repository Comments

Trusted and widely used software development and collaboration platforms like GitHub and GitLab have become both targets of and vehicles for a growing range of malicious activity. The latest ...
CoinTelegraph

How cybercriminals use YouTube and GitHub to spread crypto malware

In the ever-evolving landscape of cyber threats, two platforms traditionally viewed as safe spaces for content creation, learning and open-source collaboration have become targets for distributing ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...
Ars Technica

More malicious packages posted to online repository. This time it’s PyPI

Researchers have uncovered yet another supply chain attack targeting an open source code repository, showing that the technique, which has gained wide use in the past few years, isn’t going away any ...
TechSpot

More than 100,000 GitHub repositories found spreading malicious packages

Facepalm: GitHub serves as a colossal hub for software development, hosting nearly half a billion code projects created by hundreds of millions of developers worldwide. Given its extensive reach and ...