CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...

A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system.

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

For the second time since March, a cybersecurity firm has discovered troubling malware software packages uploaded to the Python Package Index platform.

Threat actors building Python malware are getting better, and their payloads harder to detect, researchers have claimed. Analyzing a recently-detected malicious payload, JFrog reported how the ...

With Chainguard Libraries for Python, Chainguard delivers malware protection for one of the most critical and vulnerable parts of the supply chain — the language dependencies that developers ...

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...

The use of Python means the PWOBot malware could easily be ported to different operating systems, says Palo Alto Networks.

Cybersecurity researchers recently discovered half a dozen typosquatting packages in the official PyPI repository of the Python programming languages that contained cryptomining malware. The ...