Dark Reading

Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems

Public repositories of open source code are a critical part of the software supply chain that many organizations use to build applications. They are therefore an attractive target for adversaries ...
Dark Reading

One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious

The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts ...

Moderne Expands Agent Tools Platform with Python Support for Intelligent, Deterministic Software Transformation

Moderne today announced Python language support across its Agent Tools platform, expanding the infrastructure organizations use to build code intelligence and safely coordinate large-scale software ...

Developer-Written AGENTS.md Lifts Results 4% but Raises Cost

ETH Zurich tests AGENTS.md and context files on 438 tasks, finding developer-written notes raise performance about 4% while increasing spend ...
TechSpot

More than 100,000 GitHub repositories found spreading malicious packages

Facepalm: GitHub serves as a colossal hub for software development, hosting nearly half a billion code projects created by hundreds of millions of developers worldwide. Given its extensive reach and ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...