SecurityWeek

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
Security Boulevard

JDownloader Website Hacked to Replace Installers With Python RAT Malware

The official JDownloader website was compromised between May 6 and May 7, 2026, with attackers replacing Windows and Linux installer download links with malicious payloads. JDownloader is a widely ...
GitHub

Magika GUI — Portable AI File Inspector

The ultimate deep-learning powered file identification tool — no installation required. Identify any file's true type using Google's deep learning model — even if the extension is changed, missing, or ...
TechSpot

Malware campaign lures users with fake Windows Update website

Editor's take: Microsoft has increasingly turned Windows Update into a point of frustration for some users, all while cybercriminals continue to exploit weaknesses in the Windows platform to deploy ...
Digital Trends

Do not fall for this fake Windows update support site. It’s spreading a password-stealing malware

If a website tells you to manually install a “Windows update” from a big blue download button, close that tab immediately. Malwarebytes has just spotted a fake Microsoft support website ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A fake Microsoft support website is tricking people into downloading what looks like a normal Windows update. Instead, it installs malware designed to steal passwords, payment details, and account ...
GitHub

️ PyGuard: Advanced Python Obfuscator & EXE Compiler

PyGuard is a professional-grade security tool designed to protect your Python source code from reverse engineering, unauthorized access, and tampering. It combines AES-256 encryption with C++ ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed. PyPI is ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...