In the latest supply chain attack, an unknown threat actor has created a malicious Python package that appears to be a software development kit (SDK) for a well-known security client from SentinelOne.

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...

The newly discovered Python-based malware family targets the Outlook processes, and browser credentials, of Microsoft Windows victims. Researchers have discovered a new information-stealing trojan, ...

The Evilnum APT has added the RAT to its arsenal as part of a big change-up in its TTPs. The Evilnum group, which specializes in targeting financial technology companies, has debuted a new tool: A ...

A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). The developers are ...

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...

No one loves being asked mid-interview to prove their chops with a short assignment: The pressure's on, the stakes are high, and the interviewer is watching you like a hawk. But according to security ...

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK payload that collects credentials for popular financial and payment services.