News

The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...
How-To Geek on MSN

Python Package Index Responds to Malware Attack by Invalidating Tokens

The Python Package Index (PyPI), run by the Python Software Foundation, has officially invalidated all the publishing tokens that were stolen in the GhostAction supply chain attack that happened ...

Panda-monium: China-backed cyber crew spoof Congressman to dig for dirt on US trade talks

Proofpoint said this week that it had spotted a Chinese state-backed crew TA415 – also known as APT41, Wicked Panda or Brass ...
GovInfoSecurity

Breach Roundup: Microsoft, Cloudflare Dismantle RaccoonO365

This week, Microsoft hit RaccoonO365, Colt Technology Services, Finland charged a U.S. citizen in Vastaamo hack.

PyPI invalidates tokens stolen in GhostAction supply chain attack

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early ...