New string of phishing attacks targets Python developers

If you recently got an email asking you to verify your credentials to a PyPI site, better change that password ...
InfoWorld

Open source registries signal shift toward paid models as AI strains infrastructure

The foundations said in their blog post that automated CI systems, large-scale dependency scanners, and ephemeral container ...

PyPI invalidates tokens stolen in GhostAction supply chain attack

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early ...
The Hacker News

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

ShadowV2 botnet exploits AWS Docker flaws using Python C2 and Go RAT, enabling sophisticated DDoS-for-hire attacks.
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and multi-OS compromise.

Hunan Majie Linghang Education Technology Co., Ltd.: Python Connects Everything, the Future is Here

Python's multi-language integration capability is not only evident in its collaboration with C/C++ and Java but also ...

Police in CT town capture a 9-foot python and are now searching for its owner

In June 2024, Groton police found a four-foot python trapped in a local condominium complex that was returned to its owner.
Infosecurity Magazine

ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms

The ShadowV2 DDoS operation, discovered by Darktrace, uses a command-and-control framework hosted on GitHub CodeSpaces, a ...
SecurityWeek

ShadowV2 DDoS Service Lets Customers Self-Manage Attacks

New DDoS botnet ShadowV2 targets misconfigured Docker containers and offers a service model where customers launch their own ...

Apiiro expands AI Bill of Materials to govern agents and MCP servers

Application security posture management company Apiiro Ltd. today announced a new update that aims to help enterprises get ...

Verified Steam game steals streamer's cancer treatment donations

A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named ...