Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Bleeping Computer

New Python malware backdoors VMware ESXi servers for remote access

A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system. VMware ESXi is a virtualization ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
CoinDesk

North Korean Hackers Are Targeting Top Crypto Firms With Malware Hidden in Job Applications

A North Korean hacking group is targeting crypto workers with a Python-based malware disguised as part of a fake job application process, researchers at Cisco Talos said earlier this week. Most ...
Threat Post

VMware ESXi Servers Encrypted by Lightning-Fast Python Script

The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption. Researchers have discovered a new Python ...
Graham Cluley

Python-based malware attack targets Macs. Windows PCs also under fire

Experts at SophosLabs have identified a new malware attack that is targeting both Mac and Windows computers, exploiting the infamous Java security vulnerability that allowed the Flashback botnet to ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...