Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …
Python-based attack tools are the most common vector for launching exploit attempts
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was …
GitHub adds Python support for security alerts
GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also …
AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit
A “cyber security enthusiast” that goes by VectorSEC on Twitter has published AutoSploit, a Python-based tool that takes advantage of Shodan and Metasploit modules …
PyCryptoMiner ropes Linux machines into Monero-mining botnet
A Linux-based botnet that has been flying under the radar has earned its master at least 158 Monero (currently valued around $63,000). The malware The botnet is based on a …
How programmers can be tricked into running bad code
Are programming language package managers vulnerable to typosquatting attacks? And can these attacks result in software developers running potentially malicious code? The …
Featured news
Resources
Don't miss
- Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
- Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
- Deepfake detection is losing ground to generative models
- Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
- Vector embedding security gap exposes enterprise AI pipelines