Security News

Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data

TheHackerNews

Daniel Bender

Jun 16, 2025

Malware-laced PyPI and npm packages steal developer credentials, CI/CD data, and crypto wallets. Attacks target macOS, AI workflows, and cloud setups