The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation ...
GitHub

jad-fahmi/py-recon

py-recon/ ├── recon/ │ ├── osint.py # WHOIS, DNS, subdomain enumeration │ ├── network.py # Port scanner, banner grabbing, ping sweep │ ├── automation.py # Chains modules, manages output │ └── utils.py ...