PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
AZ Animals

The Snake That Lays Up to 80 Eggs and Shivers to Warm Them

Reticulated pythons sometimes need a little assistance getting out of their eggs when hatching. Read here to learn more.
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.