A malicious Python package, ‘discordpydebug’, disguised as a debugging tool for Discord developers, was discovered to be a remote access trojan. Targeting Discord bot developers, it accumulated over 11,000 downloads and created a backdoor into affected systems for unauthorized access. Its stealthy design allowed it to evade many security measures, raising concerns about open-source supply chain vulnerabilities.

Linux Kernel KSMBD Flaw Lets Remote Attackers Drain Server Resources
A critical vulnerability in the Linux kernel’s KSMBD implementation has been discovered that allows remote attackers to completely exhaust server connection resources through a simple