Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...

Chainguard, the secure foundation for software development and deployment, today announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from ...

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

These malicious packages - deploying cyberespionage backdoors and targeting Windows and Linux systems - were found circulating via the PyPI repository. Security experts expect the problem to continue.

Threat actors building Python malware are getting better, and their payloads harder to detect, researchers have claimed. Analyzing a recently-detected malicious payload, JFrog reported how the ...

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

For the second time since March, a cybersecurity firm has discovered troubling malware software packages uploaded to the Python Package Index platform.

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware.

The growing threat of malware in the Python ecosystem Today, more than half of the world's developers rely on Python, a programming language that has become the foundation of modern AI and machine ...