Real-time global intelligence

For informational and entertainment purposes only. Not investment advice.

Platform

Brief
Signals
Countries
Companies
Industries
Themes
Scenarios
Rankings

Tools

Globe
Analytics
Crises
Clusters
Supply Chain
Alliances
Screener
Watchlist
Portfolio

Developer

API Reference
Developer Keys
Webhooks
Status

Sources

View all sources →

1,000+ tracked sources

Signals updated every 15 minutes

Not investment advice. OpenWatch is provided for informational and entertainment purposes only. While we strive for accuracy, precision, and source attribution in all intelligence assessments, geopolitical analysis involves inherent uncertainty and our conclusions may be incomplete, delayed, or incorrect. Nothing on this platform constitutes financial, investment, legal, or professional advice of any kind. Forward-looking scenarios and probability estimates are analytical hypotheses — not independently validated forecasts. Any actions taken based on information found here are solely your responsibility. Always consult a qualified financial advisor before making investment decisions. Past signal patterns do not guarantee future outcomes.

Methodology
Privacy Policy
Terms of Use

openwatch.io

v·948999e

OpenWatch

Signal Search

Search across all ingested intelligence signals. Supports websearch syntax: AND OR "exact phrase" -exclude

Keywords

Threat Layer

Military Cyber Economic Disaster Political Criminal Health Supply Chain

Signal Type

Any Crisis Update Resolution

Region

Country

Min. Severity

Any ≥ 3 ≥ 5 ≥ 7 ≥ 9

Date Range

Clear all filters

Sort by

Severity Newest

↓Export CSV (requires API key)

4 results for "PyPI"

Page 1 of 1

CyberCrisis🇲🇱Mali15d ago

Cybersecurity researchers at Kaspersky have identified three malicious packages hosted on the Python Package Index (PyPI) that disguise themselves as legitimate libraries while covertly delivering a previously unknown malware family called ZiChatBot to Windows and Linux systems. The packages implement their advertised features to avoid detection, but their primary purpose is to deliver malicious payloads.

5.5/10·The Hacker News·Mali

Primary Source ↗Details →

Military

Update

🇲🇱Mali

3d ago

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud credentials, SSH keys, and tokens.

4.5/10·The Hacker News·Mali

Primary Source ↗Details →

MilitaryCrisis🇺🇸United States9d ago

TeamPCP, the threat actor behind the recentsupply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file ("router_init.js") that's designed to profile the execution

3.9/10·The Hacker News

Primary Source ↗Details →

CyberUpdate🇺🇸United States3d ago

Since the last update , the TeamPCP supply chain campaign produced its loudest stretch since the March Trivy disclosure: an officially confirmed Checkmarx Jenkins plugin compromise and a new self-spreading Mini Shai-Hulud worm across npm and PyPI. 

3.1/10·SANS Internet Storm Center

Primary Source ↗Details →