A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

TeamPCP hackers say AI helped them launch a devastating spree of attacks. But they wouldn’t have succeeded if developers’ ...

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

Abstract: This research presents an AI-driven framework to detect polymorphic malware, which constantly changes its code to evade detection. Traditional methods struggle against such dynamic threats, ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions ...

A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...