Over 170K Users Hit by Fake Python Infrastructure

Threat Level – Red | Vulnerability Report
Download PDF

An unidentified group of threat actors orchestrated a supply chain attack, aiming at members of the Top.gg GitHub organization and individual developers. Their main goal was to inject malicious code into the code ecosystem. As a result, the attackers successfully impacted over 170,000 users by introducing malicious dependencies through a fabricated Python infrastructure linked to GitHub projects.

Threat Level – Red | Attack Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox