Hackers are hunting for vulnerable endpoints to deploy Python malware.

A report from ReversingLabs reveals a massive 73% increase in malicious open-source packages in 2025, with over 10,000 ...

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

Hackers are on the hunt for open telnet ports in servers after discovering that a version of legacy client-server application ...

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer malware. Binance appeared in the dataset ...

CrowdStrike shared its observations of the LABYRINTH CHOLLIMA – which itself operates under the wider umbrella of the Lazarus ...

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK ...

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...

A Microsoft Visual Studio Code extension for Moltbot turns out to actually deliver a malware payload to unsuspecting users.

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...