The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and Linux. Version 1.14.1, released by the attackers on March 30, is affected.
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler. The attack uses the ClickFix ...
The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed. PyPI is ...
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign. The activity, which has targeted aviation, energy, ...
This blogpost introduces our latest white paper, presented at Virus Bulletin 2025, where we detail the operations of the North Korea-aligned threat actor we call DeceptiveDevelopment and its ...
Fake Alibaba Labs AI SDKs hosted on PyPI included PyTorch models with infostealer code inside. With support for detecting malicious code inside ML models lacking, expect the technique to spread.
The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be confused with an Android banking trojan of the same name) that can grant them ...
To use the App Store Server API or create promotional offer signatures, a signing key downloaded from App Store Connect is required. To obtain this key, you must have the Admin role. Go to Users and ...
A malicious campaign that researchers observed growing more complex over the past half year, has been planting on open-source platforms hundreds of info-stealing packages that counted about 75,000 ...
Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software. Attackers who are targeting open-source package repositories like ...