Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
GitHub

SigMT: An open-source Python package for magnetotelluric data processing

SigMT is an open-source Python package developed for the processing of magnetotelluric (MT) time series data to estimate MT impedance and tipper responses. The package enables data processing with ...
IEEE

Board-Level Drop Impact Reliability Analysis of Dual-Side Molding System-in- Package (SiP) Modules

Abstract: System-in-package (SiP) modules are widely used in portable electronics such as Internet of Things (IoT) devices and mobile consumer equipment since they integrate multiple components in a ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. mbt@1.2.48 @cap-js/db-service@2.10.1 @cap ...
Bleeping Computer

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.3, ...
IEEE

Malicious Packages Lurking in User-Friendly Python Package Index

Abstract: Python has gradually become one of the most important programming languages through artificial intelligence's development. PIP, a package management tool for Python, offers one-click ...