Python 12

• CanisterWorm: npm Publisher Compromise Deploys Backdoor Across 29+ Packages Mar 20, 2026
• PyPI Package Impersonates SymPy to Deliver Cryptomining Malware Jan 21, 2026
• Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft Jul 23, 2025
• 2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain Jun 12, 2025
• Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys May 29, 2025
• The Landscape of Malicious Open Source Packages: 2025 Mid‑Year Threat Report May 14, 2025
• The Bad Seeds: Malicious npm and PyPI Packages Pose as Developer Tools to Steal Wallet Credentials Apr 22, 2025
• Black Basta's Dependency Confusion Ambitions and Ransomware in Open Source Ecosystems Mar 19, 2025
• Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy Feb 25, 2025
• Weaponizing OAST: How Malicious Packages Exploit npm, PyPI, and RubyGems for Data Exfiltration and Recon Jan 3, 2025
• Noxia: Emerging Dark Web Hosting Provider Targets Python, Node.js, Go, and Rust Ecosystems Oct 23, 2024
• Typosquatting on PyPI: Malicious Package Mimics Popular 'browser-cookie3' Library to Steal Sensitive Data Oct 11, 2024