For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...
moneycontrol.com

New Android Malware with factory reset resistance is affecting millions of devices: Here's what you need to know

Did our AI summary help? Since the inception of the Android ecosystem, we have always been told to download apps from the official Android marketplace, the Google Play Store, and to avoid sideloading ...
The Enterprise

ANY.RUN Releases Malware Trends Report for Q4 2025, Highlighting Key Threat Landscape Shifts

DUBAI, DUBAI, UNITED ARAB EMIRATES, January 7, 2026 /EINPresswire.com/ — ANY.RUN, a leading provider of interactive malware analysis and threat intelligence ...
Bisnow

JPMorgan, Citi, Other Banking Giants Impacted By Mortgage Software Hack

A data breach at a mortgage software firm has left some of Wall Street’s biggest banks scrambling to secure customer data. SitusAMC, a platform used by hundreds of banks to originate and service real ...
IEEE

Detecting Python Malware in the Software Supply Chain with Program Analysis

Abstract: The frequency of supply-chain attacks has reached unprecedented levels, amounting to a growing concern about the security of open-source software. Existing state-of-the-art techniques often ...
TMCnet

Introducing Chainguard Libraries for Python: Malware-Resistant Dependencies Built Entirely from Source

New Python language libraries with end-to-end integrity help organizations build software safer and With Chainguard Libraries for Python, Chainguard delivers malware protection for one of the most ...
thecyberexpress

Malware Bypasses Chrome App-Bound Encryption With Dual Injection

Cyble researchers have discovered a sophisticated malware attack that uses dual injection techniques to bypass Google Chrome’s App-Bound Encryption. Chrome App-Bound Encryption was introduced last ...