libraries
-
Malware Strains Targeting Python and JavaScript Developers Through Official Repositories
Dec 13, 2022Ravie Lakshmanan An active malware campaign is targeting the Python Package Index (PyPI) and npm repositories for Python…
Read More » -
Schoolyard Bully Trojan Apps Stole Facebook Credentials from Over 300,000 Android Users
More than 300,000 users across 71 countries have been victimized by a new Android threat campaign called the Schoolyard Bully…
Read More » -
W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack
An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds…
Read More » -
Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming…
Read More » -
Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories
File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat…
Read More » -
New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances
A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to…
Read More » -
How the Software Supply Chain Security is Threatened by Hackers
Introduction In many ways, the software supply chain is similar to that of manufactured goods, which we all know has…
Read More » -
LofyGang Distributed ~200 Malicious NPM Packages to Steal Credit Card Data
Multiple campaigns that distributed trojanized and typosquatted packages on the NPM open source repository have been identified as the work…
Read More »