The Hacker News

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Malicious PyPI package soopsocks downloaded 2,653 times before takedown, exfiltrating Windows data to Discord.
ADTmag

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a ...