PyPI invalidates tokens stolen in GhostAction supply chain attack

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early ...
The Hacker News

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers

Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised ...
GitHub

Python lab automation landscape catalog

This page should serve as a catalog of Python packages for laboratory automation, meaning data acquisition and control of hardware instruments during experiments, e.g. in a company or university lab.
GitHub

CoRE-MOF Python package

Easy access to the various versions of the CoRE MOF databases, as a Python package. The 2019 database included in the package is the “public” part of the database, which is freely available. It is ...
ISPreview

EE UK Set to Cut BT Wholesale Out from Slower Broadband Packages

Mobile and broadband ISP EE (BT) has confirmed to ISPreview that the approach they currently take on their top 1.6Gbps speed Full Fibre (FTTP) package, which partly cuts BT Wholesale out of the ...
The Hacker News

Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security ...