Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Security Boulevard

When AI Agents Become Bots: A Field Report from the Authentication Layer

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...
The Straits Times

Anthropic looks to set up shop in Singapore, fill roles in finance and product support

SINGAPORE – Anthropic, the San Francisco-based research firm behind the popular artificial intelligence tool Claude, is looking to set up a presence in Singapore. On June 4, the careers page on its ...
Bleeping Computer

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler. The attack uses the ClickFix ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into ...
Infosecurity-magazine.com

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

A Python-based malware family known as VVS stealer has been observed using advanced obfuscation and stealth techniques to target Discord users and extract sensitive ...
The Hacker News

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

Cybersecurity researchers have disclosed details of a new campaign that leverages a combination of social engineering and WhatsApp hijacking to distribute a Delphi-based banking trojan named ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows ...
GitHub

TLS Requests is a powerful Python library for secure HTTP requests, offering browser-like ...

To install the library, you can choose between two methods: TLS Requests is a cutting-edge HTTP client for Python, offering a feature-rich, highly configurable alternative to the popular requests ...
Bleeping Computer

Critical Docker Desktop flaw lets attackers hijack Windows hosts

A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active. The ...
theregister

Python-powered malware snags hundreds of credit cards, 200K passwords, and 4M cookies

More than 4,000 victims across 62 countries have been infected by stealthy infostealers pilfering people's passwords, credit card numbers, and browser cookies, which are then sold to other criminals ...