Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Hackers are hunting for vulnerable endpoints to deploy Python malware.

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...

Hackers are hunting for vulnerable endpoints to deploy Python malware.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

Here's what to look out for ...

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...

A new around of vulnerabilities in the popular AI automation platform could let attackers hijack servers and steal ...