A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
Vienna, Austria, June 25, 2026 — digna, the European data quality and observability platform, today announced the release of digna 2026.06, introducing a new Python SDK and Docker deployment support ...
The FBI warned that TeamPCP software supply chain attacks targeted developer tools to steal cloud credentials, SSH keys, and ...
Every Python developer knows some or all of these libraries, because they’re stable, reliable, and excellent at what they do.
The release marks a significant step in digna's mission to make enterprise data quality, observability, and analytics more accessible to technical teams building modern data platforms, AI applications ...
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories ...
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. Please take a look at our documentation ...