The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
Hosted on MSN

The secret Python switch: How one flag makes your scripts run faster

When you're trying to get the best performance out of Python, most developers immediately jump to complex algorithmic fixes, using C extensions, or obsessively running profiling tools. However, one of ...

Slay the Spire 2's game engine is a surprisingly big deal

The popular roguelike deckbuilder is made in Godot, and the engine makes a difference when it comes to game development and piracy ...
CSO Online

North Korean fake IT worker tradecraft exposed

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...
Security Boulevard

China-nexus Threat Actor Targets Persian Gulf Region With PlugX

IntroductionOn March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...

AI can rewrite open source code—but can it rewrite the license, too?

Computer engineers and programmers have long relied on reverse engineering as a way to copy the functionality of a computer ...

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation ...