PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Top open source PyPI package with over 1 million downloads each month hacked to send out malware

This was not a case of stolen credentials, but rather of vulnerability exploitation.

LincPlus LincStation E1 review: Compact, entry-level, and fast enough

The LincPlus LincStation E1 is a compact NAS that promises speed, capacity, and some smart features. Prosumers and above ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
Techzine Europe

Malicious Python package poses new supply chain threat

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...

Mosyle identifies two new macOS threats invisible to antivirus engines

After exclusively sharing details with 9to5Mac last September on ModStealer, a cross-platform infostealer invisible to every major antivirus engine ...
TechSpot

Download of the Week

Recordly is a desktop app for recording and editing screen captures with motion-driven presentation tools built in. Recordly has emerged as one of the most compelling free alternatives to paid tools ...