Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on… Continue reading
Tag: PyPI
Oct 14, 2025Ravie LakshmananMalware / Typosquatting Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to… Continue reading
Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository that claims to offer the ability to create… Continue reading
Sep 18, 2025Ravie LakshmananMalware / Supply Chain Attack Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver… Continue reading
A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index (PyPI) repository, raising concerns that… Continue reading
