Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based code analysis systems into overlooking malicious payloads. Threat actors ...
Security tooling is not written in a single language. Python powers most automation. C sits at the exploit layer. PowerShell ...
The hunt is on to find protections against the coming generation of adaptive AI worm malware in order to head off a global incident on the scale of other famous worm events, such as NotPetya, Stuxnet, ...
Microsoft discovered a self-spreading USB worm active since February that monitors clipboards for crypto wallets and routes stolen data through Tor.
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new ...
A variant of the infamous Shai-Hulud worm wreaked havoc on Microsoft's code repositories, triggering disruptions to CI/CD workflows and heightening concerns about increasing software supply chain ...
The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.
Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS ...
On June 5, 2026, the Miasma worm campaign reached Microsoft’s Azure GitHub organizations. GitHub disabled 73 repositories across four Microsoft GitHub organizations after a malicious commit was pushed ...
Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipelines. The incident occurred on June 5, ...
Cybersecurity researchers at Microsoft have uncovered a sophisticated piece of malware that spreads through USB drives, intercepts cryptocurrency wallet ...