The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Pique Newsmagazine

Core Capital Partners to appeal BCSC 'pump-and-dump' finding

The Vancouver company that a British Columbia Securities Commission (BCSC) panel found to have carried out a pump-and-dump scheme to artificially inflate the share price of two B.C. entities says it ...
GitHub

dbt-duckdb

DuckDB is an embedded database, similar to SQLite, but designed for OLAP-style analytics. It is crazy fast and allows you to read and write data stored in CSV, JSON, and Parquet files directly, ...
GitHub

Vizro is a low-code toolkit for building high-quality data visualization apps

Vizro is an open-source Python-based toolkit. Use it to build beautiful and powerful data visualization apps quickly and easily, without needing advanced engineering or visual design expertise. Then ...