Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...

A North Korean hacking group is using Python-based malware disguised as fake job applications to target crypto workers. The malware, PylangGhost, is a variant of GolangGhost and aims to infiltrate ...

A known Chinese advanced persistent threat (APT) group known as Mustang Panda is the likely culprit behind a sophisticated, ongoing cyber-espionage campaign. It starts with a malicious email, and ...

A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three ...

Critical Telnet flaw (CVE-2026-24061) exposes 800,000 devices worldwide Attackers gain root access, attempt Python malware deployment after bypassing authentication Patch released; users urged to ...

A newly uncovered malicious package on the Python Package Index (PyPI) has raised fresh concerns about the security of open source software repositories. The package, named “dbgpkg,” was discovered by ...

Check out Python’s powerful new linters and profiling tools, and learn how virtual environments can save you time and trouble ...

A new campaign exploiting machine learning (ML) models via the Python Package Index (PyPI) has been observed by cybersecurity researchers. ReversingLabs said threat actors are using the Pickle file ...

One of North Korea's most sophisticated threat groups has been hiding remote access malware for macOS and Linux inside of open source Python packages. North Korean advanced persistent threats (APTs) ...

Russian state-backed hackers have stepped up their game with new malware families that hide behind fake CAPTCHA tests. The group, known as Star Blizzard or ColdRiver, now uses ClickFix attacks to ...