Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. Tracked as TA4922, the threat actor is ...

Detection and analysis tools for the atomic-lockfile supply-chain attack on the Arch User Repository (AUR), generalized to a campaign-based architecture that handles multiple concurrent and historical ...

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.

Sophos X-Ops analysts published research this week concerning an unidentified threat actor using AI technology to develop endpoint detection and response (EDR) evasion tactics through the lens of what ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection and response (EDR) software, in what was presented as a red team project.

A new Chinese-speaking cybercrime group has expanded its reach from East Asia into Europe and Africa, while rapidly overhauling the malware it uses to break into corporate networks. According to new ...