Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear, a group tracked by Microsoft as Void Blizzard.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results