Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
GitHub

File downloader for archive.org

Simply pass the URL of an archive.org details page you want to download and ia-get will automatically get the XML metadata and download all files to the current working directory. I wanted to download ...
GitHub

WebSocket socket/file descriptor leak — ~120 leaked sockets per minute

Process crashes after ~8 minutes. The first symptom is TLS failing to read root CA certificates because the OS can't open any more files: WARN tokio_tungstenite::tls ...