North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Cybersecurity researchers at Microsoft have uncovered a sophisticated piece of malware that spreads through USB drives, intercepts cryptocurrency wallet ...

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures.

AI coding agent skills library claude-skills ships 345 free, MIT-licensed packages for Claude Code, Codex, Cursor, Gemini CLI ...

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...