{"id":19560,"date":"2026-03-16T19:37:00","date_gmt":"2026-03-16T19:37:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/"},"modified":"2026-03-16T19:37:00","modified_gmt":"2026-03-16T19:37:00","slug":"glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/","title":{"rendered":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories.<br \/>\n&#8220;The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,&#8221; StepSecurity said. &#8220;Anyone who runs<a href=\"https:\/\/thehackernews.com\/2026\/03\/glassworm-attack-uses-stolen-github.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. &#8220;The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,&#8221; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":19561,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-19560","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. &quot;The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,&quot;\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. &quot;The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,&quot;\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2026-03-16T19:37:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2026-03-16T19:37:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. &quot;The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,&quot;\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/githun-malware-wx0Yhu.jpg\",\"width\":900,\"height\":470},\"datePublished\":\"2026-03-16T19:37:00+00:00\",\"dateModified\":\"2026-03-16T19:37:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. \\\"The attack targets Python projects \\u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \\u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,\\\"\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/githun-malware-wx0Yhu.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":900,\"height\":470},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/16\\\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2026-03-16T19:37:00+00:00\",\"dateModified\":\"2026-03-16T19:37:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. \"The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,\"","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#blogposting","name":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2026\/03\/githun-malware-wx0Yhu.jpg","width":900,"height":470},"datePublished":"2026-03-16T19:37:00+00:00","dateModified":"2026-03-16T19:37:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#listItem","name":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/","name":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. \"The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,\"","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2026\/03\/githun-malware-wx0Yhu.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#mainImage","width":900,"height":470},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2026-03-16T19:37:00+00:00","dateModified":"2026-03-16T19:37:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. &quot;The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,&quot;","og:url":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/","article:published_time":"2026-03-16T19:37:00+00:00","article:modified_time":"2026-03-16T19:37:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. &quot;The attack targets Python projects \u2014 including Django apps, ML research code, Streamlit dashboards, and PyPI packages \u2014 by appending obfuscated code to files like setup.py, main.py, and app.py,&quot;"},"aioseo_meta_data":{"post_id":"19560","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2026-03-16 20:37:42","updated":"2026-03-16 20:37:42","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tGlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/16\/glassworm-attack-uses-stolen-github-tokens-to-force-push-malware-into-python-repos-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=19560"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19560\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/19561"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=19560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=19560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=19560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}