The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

Python’s simplicity and versatility make it a go-to language for cybersecurity, from automating security checks to building encryption tools. With hands-on projects, you can quickly move from learning ...

Over the past few months Kaspersky has detected an increase in phishing campaigns targeting organisations in South Africa, India, Indonesia, and Russia across industrial, consulting, trade and ...

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a ...

Copy Fail, a logic bug in the Linux kernel, allows users to write 4-byte code into other files’ page cache and achieve root ...

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...