A malicious package called “dbgpkg” on the Python Package Index (PyPI) reportedly serves as a delivery mechanism for a stealthy backdoor, posing as a debugging tool. Researchers found it modifies code and remains undetected until certain modules are triggered. The package, potentially tied to the pro-Ukrainian hacktivist group Phoenix Hyena, has triggered concerns about the security of open-source software repositories. Experts urge developers to scrutinize utilities before installation.
CrowdStrike announces integration with Nvidia Enterprise AI Factory
Organizations can now integrate CrowdStrike’s cybersecurity protection into their Nvidia Enterprise AI Factory deployments, enhancing security measures while utilizing AI technologies for improved operational efficiency
