Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
GitHub

Rec Room Discord RPC

Shows what you're doing in Rec Room as a Discord Rich Presence status. Room image, your profile picture, buttons to view the room and your profile, platform detection, the whole thing. Just run ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...
GitHub

A Python Discord bot that lets users play UNO inside a Discord server.

In order to run the bot yourself, follow these steps. To run the tests, run pytest in the virtual environment. This will run everything except the fuzzer, which can be run with python3 tests/fuzz.py. ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...
WeLiveSecurity

Award-winning news, views, and insight from the ESET security community

Threat actors are using AI to supercharge tried-and-tested TTPs. When attacks move this fast, cyber-defenders need to rethink their own strategy. Fraudsters often target the accounts of the deceased ...