The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
InfoWorld

Wasmer beefs up Python support

WebAssembly runtime introduces experimental async API and support for dynamic linking in WASIX, enabling much broader support ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
Microsoft

Case study: Securing AI application supply chains

This case study examines how vulnerabilities in AI frameworks and orchestration layers can introduce supply chain risk. Using ...