Infosecurity-magazine.com

Compromised AI Library Delivers Cryptocurrency Miner via PyPI

A compromised version of the popular ultralytics AI library has been found to deliver a cryptocurrency mining payload. ReversingLabs researchers traced the issue to a breach of the library’s build ...
Dark Reading

'Culturestreak' Malware Lurks Inside GitLab Python Package

In what's becoming an all-too-common occurrence in the current threat landscape, security researchers have found yet another malicious open source package, this time an active Python file on GitLab ...
Dark Reading

Stealthy, Thieving Python Packages Slither Onto Windows Systems

A threat actor has been delivering a "relentless campaign" since early April to seed the software supply chain with hundreds of malicious Python packages aimed at stealing sensitive data and ...