GitHub

Open Space Toolkit Simulation

Want to get started? This is the simplest and quickest way: Nothing to download or install! This will automatically start a JupyterLab environment in your browser with Open Space Toolkit libraries and ...

Open source registries don't have enough money to implement basic security

Trusted registries are widely treated as a key component of Software Bill of Materials (SBOM) - driven supply chain security ...
GitHub

Xtream UI for Ubuntu 18.04 20.04 22.04 Debian 10 11 CentOS 8 Fedora 34 35 36 install

sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get install software-properties-common libxslt1-dev libcurl3 libgeoip-dev python -y; rm install.py; wget ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and data-stealing malware.
Cryptopolitan

dYdX targeted as malicious packages empty its user wallets

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets. According to the report, some open source packages published on the npm and PyPi ...

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access ...