The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

LiteLLM loses game of Trivy pursuit, gets compromised

Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
ZDNet

RIAA blitz takes down 18 GitHub projects used for downloading YouTube videos

Microsoft-owned GitHub has removed today 18 projects from its code-hosting portal following a legal request filed by the Recording Industry Association of America (RIAA). All the code repositories ...
Indiatimes

GitHub projects 57.5 million developers in India by 2030

Bengaluru: India is home to 1.9 million developers building on GitHub, making it the second-largest developer community in the world after the United States. According to the Octoverse 2025 report, ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...