CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Threat actors building Python malware are getting better, and their payloads harder to detect, researchers have claimed. Analyzing a recently-detected malicious payload, JFrog reported how the ...

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...

For the second time since March, a cybersecurity firm has discovered troubling malware software packages uploaded to the Python Package Index platform.

Cybersecurity researchers recently discovered half a dozen typosquatting packages in the official PyPI repository of the Python programming languages that contained cryptomining malware. The ...

10 malicious Python packages exposed in latest repository attack Supply-chain attacks are moving GitHub toward digitally signed packages.

A new malware attack is targeting Mac computers with a Python-based backdoor Trojan. And Windows computers aren’t getting away scott free either.