Discovered by Sysdig’s Threat Research Team, the malware campaign involved exploiting misconfigured instances of Open WebUI, ...

Attackers are exploiting misconfigured Open WebUI, a web-based interface for AI models with AI-generated malware.

Black Basta affiliates use Teams phishing, Python scripts, and cURL to attack finance, insurance, and construction sectors.

Today, more than half of the world's developers rely on Python, a programming language that has become the foundation of modern AI and machine learning applications. As the popularity of Python ...

With Chainguard Libraries for Python, Chainguard delivers malware protection for one of the most critical and vulnerable parts of the supply chain — the language dependencies that developers ...

New Python language libraries with end-to-end integrity help organizations build software safer and Introducing Chainguard Libraries for Python: Malware-Resistant Dependencies Built Entirely from ...

A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were ...

Supply chain attack infects 16 GlueStack npm packages used by 1M weekly users, enabling malware that steals data and controls ...

An APT hacking group known as 'Stealth Falcon' exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, ...

New malware campaign uses typo-squatting and fake developer packages to spread threats across Windows and Linux.

NPM packages with more than a million weekly downloads were compromised to deliver a RAT The attack could turn into a major ...