CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Cybersecurity firm HiddenLayer uncovers a “CopyPasta License Attack” that exploits Coinbase’s favored AI coding tool, Cursor.

Researchers at the Checkmarx cybersecurity firm sounded the alarm on a dangerous form of malware uploaded to the Python Package Index (PyPI) — a platform for Python developers to download and ...

Cybersecurity researchers recently discovered half a dozen typosquatting packages in the official PyPI repository of the Python programming languages that contained cryptomining malware. The ...

Threat actors building Python malware are getting better, and their payloads harder to detect, researchers have claimed. Analyzing a recently-detected malicious payload, JFrog reported how the ...

Chainguard, the secure foundation for software development and deployment, today announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from ...

These malicious packages - deploying cyberespionage backdoors and targeting Windows and Linux systems - were found circulating via the PyPI repository. Security experts expect the problem to continue.

A new malware attack is targeting Mac computers with a Python-based backdoor Trojan. And Windows computers aren’t getting away scott free either.

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware.

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...