Linux
2.16K subscribers
3.67K photos
20 videos
16K links
Новости Линукс Linux

По всем вопросам @evgenycarter
Download Telegram
📰 Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems."The compromised releases shipped a *-setup.pth file that attempts to execute automatically.

🔗 Source: https://thehackernews.com/2026/06/hades-pypi-attack-19-packages-poisoned.html

#python

👉@sysadminoff
📰 GraalVM CE 25.1.3 Gets Native Image "Hello World" Program Down To Just 6.5MB

GraalVM, the advanced JDK focused on ahead-of-time (AOT) Native Image compilation and since last year began shifting focus to more non-Java languages like Python and JavaScript, is out with its newest community feature release. GraalVM Community Edition 25.1.3 is now available with some interesting changes in tow...

🔗 Source:

#python

👉@sysadminoff

https://www.phoronix.com/news/GraalVM-Community-25.1.3
📰 New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs.Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and.

🔗 Source: https://thehackernews.com/2026/07/new-chocopoc-rat-targets-vulnerability.html

#python

👉@sysadminoff