Named PCPJack, the framework was discovered on April 28 by a hunting rule on Google's VirusTotal malware scanning service ...
ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.
A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...
Morning Overview on MSN
Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it
A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
Morning Overview on MSN
PyTorch Lightning versions 2.6.2 and 2.6.3 were compromised on April 30 — check your installs
On April 30, 2026, someone slipped credential-stealing malware into two freshly published versions of PyTorch Lightning, one ...
TL;DR Two malicious versions of the popular PyTorch Lightning package have been uploaded to PyPI following the publisher ...
Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...
A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...
Copy Fail, a logic bug in the Linux kernel, allows users to write 4-byte code into other files’ page cache and achieve root ...
Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results