Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

In a first, a ransomware family is confirmed to be quantum-safe

A relatively new ransomware family is using a novel approach to hype the strength of the encryption used to scramble ...
Hosted on MSN

PyPI package hack exposes developers to credential theft

A widely used PyPI package, 'elementary-data', was compromised through a malicious update that inserted infostealer code via a GitHub Actions workflow. The breach potentially exposed SSH keys, cloud ...
PhoneWorld

Hackers Impersonate Microsoft Teams to Gain Full Enterprise Access Without Exploits

Hackers leveraging Microsoft Teams, custom malware, and trusted cloud infrastructure to gain deep access into enterprise ...