ニュース

Google Identifies ‘Widespread Data Theft’ Impacting Salesforce-Salesloft Drift Users

Google Threat Intelligence Group shared its findings about a threat actor responsible for stealing Salesforce customer data ...
Bleeping Computer7月

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.
TechRadar1年

A GitHub token leak could have put the entire Python ... - TechRadar

What if the Python programming language itself was malicious? It would be the most devastating supply chain attack in human history - but it almost happened after an important GitHub token was ...