Information security
fromThe Hacker News
4 days agoMalicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks
Malicious package 'termncolor' discovered in PyPI allows code execution through its dependency 'colorinal', establishing persistence in systems.