Russian hackers use fake CAPTCHA tests to spread new malware families across multiple targets

Russian hackers use fake CAPTCHA tests to spread dangerous malware targeting governments and journalists. Learn how to ...
CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
Bleeping Computer

Hackers target Python devs in phishing attacks using fake PyPI site

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...
SecurityWeek

Data Exposure Vulnerability Found in Deep Learning Tool Keras

A vulnerability in the open source deep learning tool Keras could allow attackers to load arbitrary local files or conduct SSRF attacks.
Bleeping Computer

PyPI now blocks domain resurrection attacks used for hijacking accounts

The Python Package Index (PyPI) has introduced new protections against domain resurrection attacks that enable hijacking accounts through password resets. PyPI is the official repository for ...

Python plan to boost software security foiled by Trump admin’s anti-DEI rules

The Python Software Foundation has rejected a $1.5 million government grant because of anti-DEI requirements imposed by the ...