3 matches found
MAL-2025-2926 Malicious code in 3-0 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others
Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. "The threat actors used multiple TTPs in this attack, including account takeover v...
Yelp: RCE on build server via misconfigured pip install
The following Python library has been installed on at least one Yelp owned build server directly from the public PyPI registry. https://pypi.org/project/yelp-cgeom/ This package should normally be downloaded from the internal Yelp registry, but a misconfiguration appears to have caused it to be...