#python-package

[ follow ]
#malware #cybersecurity #software-supply-chain #credential-theft #teampcp #credential-harvesting #data-theft
Information security
fromThe Hacker News
1 week ago

PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

Malicious versions of the Lightning Python package were released, enabling credential theft through an automated attack chain.
#cybersecurity
fromThe Hacker News
1 month ago
Information security

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP compromised the litellm Python package, embedding malicious versions that include a credential harvester and a persistent backdoor.
fromCSO Online
10 months ago
Information security

Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets

A malicious Python package on PyPI targets sensitive corporate credentials, posing significant risks to software supply chains.
Information security
fromThe Hacker News
1 month ago

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP compromised the litellm Python package, embedding malicious versions that include a credential harvester and a persistent backdoor.
more#cybersecurity
[ Load more ]