Trends in open-source software supply chain attacks – ones that exploit the public platforms developers rely on for software ...

Malware campaign abuses Cloudflare Tunnel and phishing lures to deliver in-memory RATs across multiple regions.

A DPRK-linked group is using fake job sites and Python malware to infiltrate Windows systems of blockchain professionals — ...

A new Python-based remote access Trojan (RAT) known as PylangGhost is being deployed in cyber campaigns attributed to the ...

North Korean hackers lured crypto professionals with fake job interviews to deploy new Python-based malware, PylangGhost.

Discovered by ReversingLabs, the campaign reflects a shift in open-source software supply chain attacks. While overall ...

A new cybersecurity campaign has exposed 67 trojanized GitHub repositories, targeting gamers and developers with malicious ...

A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain.

Chimera-sandbox-extensions” exploit highlights rising risks of open-source package abuse, prompting calls for stricter ...

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by ...

A threat campaign has been targeting software developers through GitHub repos that, at first glance, look completely ...

Trend Micro and ReversingLabs uncovered over 100 GitHub accounts distributing malware embedded in open source hacking tools.