Software Supply Chain

Software Supply Chain Under Attack: New Malware Infiltrates PyPI & npm with Advanced Tactics slopsquatting

slopsquatting

Software Supply Chain Under Attack: New Malware Infiltrates PyPI & npm with Advanced Tactics

Do Son June 17, 2025

Amid a surge in increasingly sophisticated software supply chain attacks, cybersecurity experts have identified a new wave...

Malicious ‘discordpydebug’ Package on PyPI Steals Data with RAT CoffeeLoader PyPI malware

CoffeeLoader PyPI malware

Malicious ‘discordpydebug’ Package on PyPI Steals Data with RAT

Do Son May 9, 2025

Researchers have uncovered a malicious package in the PyPI repository, masquerading as a utility for working with...

Malicious PyPI Package Steals Crypto Exchange Trading Orders The JSON settings downloaded by the malicious package

The JSON settings downloaded by the malicious package

Malicious PyPI Package Steals Crypto Exchange Trading Orders

Do Son April 18, 2025

Researchers at JFrog have uncovered a malicious package hosted on the official Python Package Index (PyPI). Its...