Hackers are hunting for vulnerable endpoints to deploy Python malware.

A report from ReversingLabs reveals a massive 73% increase in malicious open-source packages in 2025, with over 10,000 ...

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

Hackers are on the hunt for open telnet ports in servers after discovering that a version of legacy client-server application ...

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer malware. Binance appeared in the dataset ...

CrowdStrike shared its observations of the LABYRINTH CHOLLIMA – which itself operates under the wider umbrella of the Lazarus ...

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...

A Microsoft Visual Studio Code extension for Moltbot turns out to actually deliver a malware payload to unsuspecting users.

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...