Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
If reinstalling software feels repetitive, these tools have some ideas.
A newly discovered supply-chain campaign called TrapDoor has planted more than 34 malicious packages across npm, PyPI and Crates.io to target crypto and cloud developers. The packages, disguised as ...
GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on Microsoft's official Visual Studio Marketplace for just 18 minutes on May 18 ...
A compromised maintainer account was used to publish malicious package versions across the @antv namespace. A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub ...
Another massive supply chain attack is spreading. Hundreds of compromised NPM packages are being detected, with hackers using stolen secrets to create over 2,200 public GitHub repositories, all ...
Any development environment that installed or imported one of the 172 compromised npm or PyPI packages published since May 11 should be treated as potentially compromised. On affected developer ...
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. The attacker hijacked valid OpenID ...
Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across developer ecosystems. According to new research from Socket, the activity mirrors ...
Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as it moves through developers' environments, and it shares significant overlap ...
The Google ADK is a capable and mostly complete framework for developing agents, with support for multiple agent types, multi-agent architectures, and multiple programming languages. The Google Agent ...