Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

PyPI warns phishing attacks will persist using fake domains and urgent email tactics Victims are tricked into verifying accounts via typosquatted sites like pypi-mirror.org Users and maintainers urged ...

As he finished his day at work at the Eugene, Oregon Police Department, Sergeant Ryan Nelson couldn't have known that he'd soon be wrestling a 12-foot Burmese python. Last Thursday afternoon towards ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

A long-running cyber-espionage group known as Confucius has introduced new techniques in its campaigns against Microsoft Windows users. First identified in 2013, the group has consistently targeted ...

A critical flaw in Python tool Marimo was exploited within 10 hours of disclosure, researchers report, highlighting how quickly attackers are now turning vulnerability advisories into real-world ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software horror\"—and the details are ge.

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.