Google issues new 'warning' in Microsoft Teams chat invitations and helpdesk scam

Cybercriminals are now leveraging Microsoft Teams, posing as IT helpdesk staff, to trick employees into revealing credentials ...

Top open source PyPI package with over 1 million downloads each month hacked to send out malware

This was not a case of stolen credentials, but rather of vulnerability exploitation.
Hosted on MSN

Popular PyPI package hacked to deliver infostealing malware

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...