Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
Hosted on MSN

PyPI package hack exposes developers to credential theft

A widely used PyPI package, 'elementary-data', was compromised through a malicious update that inserted infostealer code via a GitHub Actions workflow. The breach potentially exposed SSH keys, cloud ...
GhanaWeb - Ghana HomePage

Popular Open-Source Package Stole User Credentials: What It Means for Ghanaian Developers

A widely used open-source tool stole passwords and API keys from over 1 million users. Here's what Ghanaian developers need ...
PhoneWorld

Hackers Impersonate Microsoft Teams to Gain Full Enterprise Access Without Exploits

Hackers leveraging Microsoft Teams, custom malware, and trusted cloud infrastructure to gain deep access into enterprise ...