The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Eau Claire Leader-Telegram

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in ...

ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...
GitHub

Automated publisher for the Interactive Brokers TWS API Python client on PyPI.

This is an unofficial automated publisher for the Interactive Brokers TWS API Python client. The source code is from Interactive Brokers' official TWS API distribution, packaged and published to PyPI ...
GitHub

A Python package for generating payment transactions compliant with the Bakong KHQR standard.

The bakong-khqr package provides the KHQR class for generating QR code, Deeplink, Check Payment, Get Payment transaction for Bakong KHQR. Many developers face HTTP 403 errors when accessing Bakong ...
The Hacker News

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web ...
theregister

Anthropic finds $1.5 million to help Python Foundation improve security

The Python Software Foundation (PSF) has an extra $1.5 million heading its way, after AI upstart Anthropic entered into a partnership aimed at improving security in the Python ecosystem. “This ...