Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.

Python infostealers are spreading from Windows to macOS via Google Ads, ClickFix lures, and fake installers to steal credentials and financial data.

An emerging phishing campaign is exploiting a dangerous combination of legitimate Cloudflare services and open source Python tools to deliver the commodity AsyncRAT. The attack demonstrates threat ...

Hacktivist group claims a 2.3-terabyte data breach exposes information of 36 million Mexicans, but no sensitive accounts are ...

A report from ReversingLabs reveals a massive 73% increase in malicious open-source packages in 2025, with over 10,000 ...

Open source malware surged 73% in 2025, with npm as a key target with rising risks in software supply chains and developer environments.

The Python-based information stealer SolyxImmortal uses legitimate APIs and libraries for stealthy data gathering and ...

Hackers are hunting for vulnerable endpoints to deploy Python malware.

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations. Boto Cor-de-Rosa campaign tracks delivery success.