New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
IEEE

Bad Snakes: Understanding and Improving Python Package Index Malware Scanning

Open-source, community-driven package repositories see thousands of malware packages each year, but do not currently run automated malware detection systems. In this work, we explore the security ...
GitHub

A Python package for processing Polarimetric Synthetic Aperture Radar (PolSAR) data.

This award was presented by the Indian Society of Remote Sensing (ISRS) during the Innovation Contest for Geo Spatial Information Technology-2025. Why this work was recognized: Our project was honored ...