The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a ...

Experts warn the campaign could outpace past global cyberattacks, with hundreds of thousands of credentials already ...

During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including ...

Pakistan-linked state-sponsored threat group APT36 has begun using AI coding tools to bombard targets with mass produced malware that appears designed to overwhelm defenses not through technical ...

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...