Pypi

2 posts

How TeamPCP Poisoned Six Python Packages and Breached Over 1000 Organizations in Five Weeks

April 23, 2026

A group of attackers has been quietly poisoning Python packages for five weeks straight. They have exfiltrated data from over 500,000 infected machines, hit …

Fake SymPy Package Deploys Fileless Cryptominer on Linux Systems

January 22, 2026

A fake SymPy package deploys XMRig cryptominers on Linux machines. The malware hides inside polynomial functions. It only activates when you do math. Over 1,000 …