The GlassWorm malware campaign is being used to fuel an
ongoing attack that leverages the stolen GitHub tokens to inject
malware into hundreds of Python repositories. "The attack targets
Python projects — including Django apps, ML research code,
Streamlit dashboards, and PyPI packages — by appending obfuscated
code to files like setup.py, main.py, and app.py," StepSecurity
said. "Anyone who runs
Read more https://thehackernews.com/2026/03/glassworm-attack-uses-stolen-github.html
