CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...

A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system.

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

For the second time since March, a cybersecurity firm has discovered troubling malware software packages uploaded to the Python Package Index platform.

Threat actors building Python malware are getting better, and their payloads harder to detect, researchers have claimed. Analyzing a recently-detected malicious payload, JFrog reported how the ...

With Chainguard Libraries for Python, Chainguard delivers malware protection for one of the most critical and vulnerable parts of the supply chain — the language dependencies that developers ...

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. By Matthew Broersma IT security researchers have ...

Cybersecurity researchers recently discovered half a dozen typosquatting packages in the official PyPI repository of the Python programming languages that contained cryptomining malware. The ...