Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system. VMware ESXi is a virtualization ...

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

New Python language libraries with end-to-end integrity help organizations build software safer and more efficiently KIRKLAND, Wash., May 14, 2025 /PRNewswire/ -- Chainguard, the secure foundation for ...

Few things are more strenuous than finding new employment— but even worse is when a potential new employer turns out to be fake and is instead using an apparent job opportunity as a way to infect you ...

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...

With increased deployment of security solutions on cloud infrastructure, hackers have started adopting detection evasion tactics from Windows desktop computers to cloud environments. One such tactic ...

A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing malware on developers' systems. The malicious packages, ...