How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

JFrog security researchers have exposed two critical vulnerabilities (CVE-2026-1470, rated 9.9; and CVE-2026-0863, rated 8.5) in the n8n workflow automation platform.

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...

Hackers are hunting for vulnerable endpoints to deploy Python malware.

Hackers are hunting for vulnerable endpoints to deploy Python malware.

I'm made of much less brittle plastic, though.

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...