Malicious PyTorch Lightning Packages Found on PyPI
The post Malicious PyTorch Lightning Packages Found on PyPI appeared first on 2024 Sonatype Blog. TL;DR Two malicious versions of...
Malware
New NGate variant hides in a trojanized NFC payment app
ESET Research has discovered a new variant of the NGate malware family that abuses a legitimate Android application called HandyPay,...
New NGate variant hides in a trojanized NFC payment app
ESET Research has discovered a new variant of the NGate malware family that abuses a legitimate Android application called HandyPay,...
FBI and International Agencies Shut Down Scam Centers, Arrest 276 People
The FBI and international law enforcement agencies shut down nine scam centers used to run cryptocurrency investment scams and arrested...
Fast16 Malware
Fast16 Malware Researchers have reverse-engineered a piece of malware named Fast16. It’s almost certainly state-sponsored, probably US in origin, and...
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's...
Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign
The command line interface (CLI) of the popular Bitwarden open source password manager is the latest target the ongoing Checkmarx...
Fake Google Antigravity Installer Can Steal Accounts in Minutes
Image generated from Gemini Nano Banana A fake Google Antigravity download is exposing user accounts to compromise within minutes. What...
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment...
108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users
Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions, and...
OpenAI Follows Anthropic in Limiting Access to Its Cyber-Focused Model
It was only a week ago that Anthropic sent shockwaves through the cybersecurity industry with the announcement of Claude Mythos...
Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft
Image: Generated via Google Nano Banana About 20,000 people have had their data stolen by a single hacking group that...
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa Pierluigi Paganini April 07, 2026 China-based actor Storm-1175 runs...
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Key takeaways: Attackers rapidly leveraged the Claude Code packaging error incident to distribute credential-stealing malware using fake GitHub repositories. This demonstrates how quickly threat actors can...
Phishing LNK files and GitHub C2 power new DPRK cyber attacks
Phishing LNK files and GitHub C2 power new DPRK cyber attacks Pierluigi Paganini April 06, 2026 DPRK-linked hackers use GitHub...
