{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifzflks2egn4pdfkduultuslf4bzkvrwrxzubdz7dxi7ojx54j7ue",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mh7sw2i5trx2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreifz3kokth5f76dara3lk4t2peaf25cwrlqqmm533td26ahgmlmrhq"
    },
    "mimeType": "image/jpeg",
    "size": 296754
  },
  "path": "/2026/03/glassworm-attack-uses-stolen-github.html",
  "publishedAt": "2026-03-16T19:37:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories.\n\"The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,\" StepSecurity said. \"Anyone who runs",
  "title": "GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos"
}