Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system.

The Infos3c Grabber Stealer specialises in stealing sensitive information such as passwords, cryptocurrency wallets, gaming accounts, and Discord/Telegram data. It also has capabilities to capture ...

ReversingLabs reveals hackers using Ethereum Smart contracts in NPM packages to conceal malware URLs, bypass scans, and ...

With Chainguard Libraries for Python, Chainguard delivers malware protection for one of the most critical and vulnerable parts of the supply chain — the language dependencies that developers ...

For the second time since March, a cybersecurity firm has discovered troubling malware software packages uploaded to the Python Package Index platform.

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...

North Korean hackers Lazarus Group pose as financial firms to provide malware disguised as a job opportunity.

The Python Package Index (PyPI) has temporarily suspended user registration and the creation of new projects to deal with an ongoing malware campaign.

The malware loads an XMRig Miner into memory using a known Linux fileless technique.