Software Supply Chain Attack

Cybersecurity | Software Supply Chain Security

Malicious RubyGems and PyPI Packages Are Stealing Credentials and Crypto: What Happened and How to Protect Yourself
ByInnoVirtuoso August 8, 2025

If you’ve ever installed a “quick automation” gem or Python package to speed up social media posting or crypto staking, this one’s for you. Security researchers just uncovered dozens of malicious RubyGems targeting marketers and growth hackers, quietly exfiltrating usernames and passwords. At the same time, typosquatted packages on PyPI went after Bittensor wallets by…

Read More Malicious RubyGems and PyPI Packages Are Stealing Credentials and Crypto: What Happened and How to Protect Yourself
Cybersecurity | Software Development

Toptal GitHub Hacked: 10 Malicious npm Packages, 5,000 Downloads, and What It Means for Every Developer
ByInnoVirtuoso July 29, 2025

What if the next npm install you run wipes your computer and steals your secrets? That scenario isn’t just a hypothetical anymore. In July 2025, Toptal—a platform trusted by thousands of top developers and businesses—had its GitHub organization breached, resulting in the publication of 10 malicious npm packages that were downloaded over 5,000 times before…

Read More Toptal GitHub Hacked: 10 Malicious npm Packages, 5,000 Downloads, and What It Means for Every Developer