The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Dark Sky Technology Announces Air-Gapped SBOM Generation for Mixed-Code Development Environments with Bulletproof Trustâ„¢

New capability delivers compliant, rich, analysis-ready SBOMs from a single folder-based workflow—even for mixed and ...