Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

Proofpoint said this week that it had spotted a Chinese state-backed crew TA415 – also known as APT41, Wicked Panda or Brass ...

Cybersecurity firm HiddenLayer uncovers a “CopyPasta License Attack” that exploits Coinbase’s favored AI coding tool, Cursor.

ReversingLabs reveals hackers using Ethereum Smart contracts in NPM packages to conceal malware URLs, bypass scans, and ...

The TIOBE Index is an indicator of which programming languages are most popular within a given month. Each month, we examine ...

Widely adopted it is. The tool is freely available on PyPI, the world’s biggest Python Package Index, and it has been ...

This week, Microsoft hit RaccoonO365, Colt Technology Services, Finland charged a U.S. citizen in Vastaamo hack.

A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.… Securonix threat hunters ...