Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Anthropic’s leak of proprietary Claude Code sparked the developer community to group around “claw-code,” the fastest-growing ...

International cybersecurity firms had been tracking a sophisticated malware strain called PXA Stealers for months, tracing it ...

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Sigrid Jin woke up to chaos and shipped "Claw Code" by breakfast. Here's everything it taught the world.

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...