Dustin Kirkland of Chainguard explains how verified, hardened components and AI-powered automation can prevent malware ...

In essence, MalTerminal is a malware generator. When adversaries bring it up, it asks if they want to create a ransomware ...

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and multi-OS compromise.

FileFix phishing attack in June 2025 delivers StealC malware via Bitbucket images, bypassing detection with obfuscation.

North Korean hackers are intensifying their global campaign against cryptocurrency and Web3 developers, using a new backdoor ...

New DDoS botnet ShadowV2 targets misconfigured Docker containers and offers a service model where customers launch their own ...

Two malicious packages with nearly 8,500 downloads in Rust's official crate repository scanned developers' systems to steal ...

ESET researchers reveal how malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers.

The Python Package Index (PyPI), run by the Python Software Foundation, has officially invalidated all the publishing tokens that were stolen in the GhostAction supply chain attack that happened ...

The campaign detailed in the report, dubbed “ShadowV2,” is a Python-based command-and-control framework hosted on GitHub ...

A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions spread by tricking users into pasting malicious commands through a technique ...

Binance founder CZ Zhao issued urgent warnings about North Korean hackers infiltrating crypto companies through fake job ...