ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually ...

Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open ...

Multiple open source software packages on the Python Package Index (PyPI) repository were found to be malicious, likely compromising thousands of devices, experts have warned.

10 malicious Python packages exposed in latest repository attack Supply-chain attacks are moving GitHub toward digitally signed packages.

Researchers at security vendor Checkmarx have uncovered an operation, apparently based in Iraq, that uses malware hosted on the Python repository PyPI to search for files on the victim's device ...