The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...
The Register on MSN

AI-powered penetration tool, an attacker's dream, downloaded 10K times in 2 months

Shady, China-based company, all the apps needed for a fully automated attack - sounds totally legit Villager, a new ...
Bleeping Computer

Python info-stealing malware uses Unicode to evade detection

A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...
The Hacker News

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

The campaign, per Proofpoint, mainly focused on individuals who specialized in international trade, economic policy, and U.S.-China relations, sending them emails spoofing the U.S.-China Business ...
Security Boulevard

APT37 Targets Windows with Rust Backdoor and Python Loader

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...
InfoWorld

VS Code 1.104 emphasizes AI model selection, agent security

The latest update to Microsoft’s code editor previews an automatic model selection capability and improvements to agent ...
Security Boulevard

Top 10 Essential DevOps Tools to Use in 2025 and Beyond

Explore the essential DevOps tools for 2025 that enhance automation, monitoring, and collaboration. Discover the latest technologies including IaC, CI/CD, conta ...