LinkedIn

PyPI Telnyx Python SDK Backdoored to Steal Credentials on Windows, macOS, and Linux

Telnyx Python SDK on PyPI, using a multi‑stage WAV steganography payload to steal credentials across Windows, macOS, and Linux systems. The backdoor lives in telnyx/_client.py and is triggered at ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

On March 19, 2026, Trivy, Aqua Security’s widely used open-source vulnerability scanner, was reported to have been compromised in a sophisticated CI/CD-focused supply chain attack. Threat actors ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two newly uncovered malware campaigns are exploiting open-source software across Windows and Linux environments to target enterprise executives and cloud systems, signaling a sharp escalation in both ...
Security Boulevard

Shai-Hulud: The Second Coming

A significantly evolved version of the Shai-Hulud malware now tracked as Sha1-Hulud has been discovered with over 400 packages affected, now featuring persistent backdoor capabilities through ...
Bleeping Computer

From infostealer to full RAT: dissecting the PureRAT attack chain

An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
WeLiveSecurity

DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception

This blogpost introduces our latest white paper, presented at Virus Bulletin 2025, where we detail the operations of the North Korea-aligned threat actor we call DeceptiveDevelopment and its ...
The Hacker News

PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments

Cybersecurity researchers from SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question ...
Microsoft

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

September 25, 2025 update: Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules: XCSSET evolves again: Analyzing the ...
GitHub

A flexible Python implementation for encoding and decoding data using various base-N encodings (e.g., Base64, Base32, Base16, Base4096, etc.). The implementation supports ...

Note: If you are looking for a faster, more robust implementation for standart encodings, use the standard library. This library goal is to provide a flexible implementation for custom base-N ...
The Hacker News

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. "The new samples were tracked to GitHub projects ...