CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Consider [Tushar Sadhwani] who wanted to create a classic C-style for loop inside of Python. He did it, and the journey is perhaps more interesting than the result.

They could photograph hackers using the cameras built-in to the miscreant’s computer, infect the hacker with malware, or physically disable the suspected IP thief’s computer.