Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Use Python to make your data visualizations stand out.

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

JINX-0164 has targeted crypto developers through fake LinkedIn meeting invites that lead to macOS malware infections, ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

Last year, Tamara Eshleman donated a $300 espresso machine to a raffle fundraiser for Adamstown Public Library. Sure, it was a good cause, but part of that cause included her own job. Like most ...

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.