The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
Găzduite pe MSN

Popular PyPI package hacked to deliver infostealing malware

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...
Găzduite pe MSN

Dataquest expands Python project library to 88 titles

Dataquest has expanded its Python project library to 88 titles, offering a wider range from beginner to advanced levels to strengthen practical coding skills. The updated selection includes guided ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Thousands defrauded out of nearly US$215M, including Canadians, in global hacking scheme

U.S. federal jury convicted 25 people for running an international hacking scheme that defrauded more than 1,000 victims out ...
Hackaday

Building An IBM PCjr BIOS From Source Using Original Printed Source Code

As unloved as IBM’s PCjr was, with only a one-year production run, it’s hard to complain about the documentation available ...
Hackaday

A Tool For Testing CANopen Networks

If you find yourself working with CANopen CC networks, you might find yourself in need of a tool for monitoring what’s ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...