Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
The same day OpenAI announced the most significant expansion of its Daybreak cybersecurity initiative since the platform launched in May, intelligence agencies from all five nations of the Five Eyes ...
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The ...
Cybernews researchers discovered an exposed database containing 24 billion records, including usernames, email addresses, plaintext passwords, and login URLs. The data appears to come from infostealer ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Microsoft's Linux server distribution is now available as an ISO to install on your own server or virtual machine.
Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...
According to researchers at cybersecurity companies Sekoia and YesWeHack, the packages are hosted on the Python Package Index (PyPI), a platform used by Python developers to source and share code.
Hypixel published a new community programme sharing Hytale's Server Source Code, with select community members and modders.
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...