Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others.
The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox,

Headline

Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data

The Hacker News: Latest News