Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...
Mothership.SG

Python dies after being run over 'at least twice' while crossing Cecil Road

A reticulated python died after it was run over at least twice while crossing Cecil Road on the evening of Mar. 12, despite ...

‘Slithery Situation’: Florida Woman Drives To Fire Station With Python Trapped Inside Her Car’s Dashboard

When a South Florida pet python owner discovered her snake inside her car's dashboard, she drove to a nearby fire station for ...
CSOonline

AI hallucinations lead to a new cyber threat: Slopsquatting

Cybersecurity researchers are warning of a new type of supply chain attack, Slopsquatting, induced by a hallucinating generative AI model recommending non-existent dependencies. According to research ...
TechRadar

Malicious Python packages are stealing vital data, and have been downloaded thousands of times already

Researchers found three malicious PyPI packages, two targeting bitcoin developers, and one WooCommerce stores Two are designed to steal data, and the third to test for valid credit cards All three ...
The Hacker News

Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant ...
GitHub

Veeder-Root TLS Socket Library

This is an unofficial Python sockets wrapper for querying Veeder-Root automatic tank gauges remotely through the Internet. This wrapper is primarily made to support ...
GitHub

pythonTestAdapter fails if sockets are disabled for tests

When using pytest with pytest_socket to disable network connections in test, the test suite fails. Test Results displays the following error: vscode_pytest ...