SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Decrypt

Crypto Gift Card Platform Bitrefill Discloses Hack, Points Finger at North Korean Groups

Bitrefill, which lets users swap Bitcoin, Dogecoin and other crypto assets for gift cards, disclosed a breach that took place on March 1.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
MUO on MSN

Hackers are disguising malware as Claude Code, and it's easy to fall for the scam

Be careful what links you follow ...
Hackaday

Building A Robot Partner To Play Air Hockey With

Air hockey is one of those sports that’s both incredibly fun, but also incredibly frustrating as playing it by yourself is a ...