GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

It’s a great, easy way to turn your handwriting into a font, but you can use it to create any typeface you can imagine as ...

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.

You don't need to be a developer to build your own crypto bot. Here's how traders are doing it in 30 minutes, for free.

Chainguard is racing to fix trust in AI-built software - here's how ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...