Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
BeInCrypto

Bitwarden CLI Supply Chain Attack Puts Crypto Wallet Keys at Risk

Bitwarden CLI 2026.4.0 was compromised in a supply chain attack that targets crypto wallet keys, SSH keys, and CI/CD secrets.
Hosted on MSN

PyPI package hack exposes developers to credential theft

A widely used PyPI package, 'elementary-data', was compromised through a malicious update that inserted infostealer code via a GitHub Actions workflow. The breach potentially exposed SSH keys, cloud ...
Hosted on MSN

Popular PyPI package hacked to deliver infostealing malware

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...
Sky

Epstein files: The key findings so far

More than three million pages related to Jeffrey Epstein have been made public in the latest release by the US Department of Justice. Email exchanges, as well as more than 2,000 videos and 180,000 ...
GhanaWeb - Ghana HomePage

Popular Open-Source Package Stole User Credentials: What It Means for Ghanaian Developers

A widely used open-source tool stole passwords and API keys from over 1 million users. Here's what Ghanaian developers need ...
PhoneWorld

Hackers Impersonate Microsoft Teams to Gain Full Enterprise Access Without Exploits

Hackers leveraging Microsoft Teams, custom malware, and trusted cloud infrastructure to gain deep access into enterprise ...