GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

8 powerful apt commands every Linux user should know - or else you're missing out

The Debian/Ubuntu package manager isn't just for installing and removing software. There's more to Apt than you might know.
IEEE

Bad Snakes: Understanding and Improving Python Package Index Malware Scanning

Open-source, community-driven package repositories see thousands of malware packages each year, but do not currently run automated malware detection systems. In this work, we explore the security ...
GitHub

scikit-eo: A Python package for Remote Sensing Data Analysis

Nowadays, remotely sensed data has increased dramatically. Microwaves and optical images with different spatial and temporal resolutions are available and are used to monitor a variety of ...
The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, ...
Bleeping Computer

Android mental health apps with 14.7M installs filled with security flaws

Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users’ sensitive medical information. In one of the apps, security ...
GitHub

PAF Monorepo — Self-Hosted UK Postcode & Address Lookup API

You must hold a valid Royal Mail PAF licence before using this project with the full Royal Mail PAF dataset either internally or in a production setting. This project does not include any Royal Mail ...