GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.
Techzine Europe

GlassWorm malware surfaces in development environments

A large-scale GlassWorm malware campaign targeting developer platforms appears to be significantly more extensive and sophisticated than previously ...
InfoWorld

OpenAI buys Python tools builder Astral

Astral tools and expertise will be leveraged in OpenAI Codex agentic coding app to expand AI capabilities across the software ...

OpenAI to buy Python toolmaker Astral to take on Anthropic

March 19 (Reuters) - OpenAI said on Thursday it will acquire Python toolmaker Astral, as the ChatGPT ​owner looks to ...
InfoQ

Google Open-Sources the Common Expression Language for Python

Google has open sourced CEL-expr-python, a Python implementation of the Common Expression Language (CEL), a non-Turing complete embedded policy and expression language designed for simplicity, speed, ...
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...
Morningstar

Morningstar Licensed Data

It all starts with data. Morningstar was founded on the idea that quality investment data should be available to everyone. Our licensed data gives clients independent, comprehensive, and timely data ...