News

TechRadar27d
Malicious Python packages are stealing vital data, and have been downloaded thousands of times already
They claim to be a fix for a legitimate Python module named “bitcoinlib ... “The malicious content of that library was detected by the package contributors and the comments were deleted ...
What is Bitcoinlib, and how did hackers target it?
For example, this library automates tricky tasks like generating private ... primarily through open-source repositories like npm and PyPI (Python Package Index). Attackers employed both basic ...
Build a Self-Healing Code Agent That Fixes Errors Automatically
Learn how to build a self-healing code agent to improve code quality, reduce errors, and streamline your development process.
Slopsquatting: The worrying AI hallucination bug that could be spreading malware
Perhaps unsurprisingly, the most common AI culprits for these sorts of package hallucinations are the smaller open-source ...
The Currency Analytics8d
XRP Security Breach Exposes Private Keys in xrpl.js Attack
XRP's xrpl.js library was compromised in a supply chain attack, exposing private keys. Ripple urges immediate update to ...
bitnewsbot26d
Malicious Python Packages Target Crypto Wallets via Bitcoinlib Library
Two malicious Python packages named bitcoinlibdbfix and bitcoinlib-dev have been discovered targeting users of the popular bitcoinlib cryptocurrency library. The attackers use social engineering to ...
ActiveState Empowers Data Scientists with R Language Support, Strengthening Leadership in Open Source Security Posture Management
ActiveState, the Open Source Security Posture Management (OSPM) platform, today announced the strategic expansion of its ...
Datadog's State of DevSecOps 2025 Report Finds Only 18% of Critical Vulnerabilities Are Truly Worth Prioritizing
The report also found that exploitable vulnerabilities are especially prevalent in Java applications New York, New ...