Open source has a malware problem, and it’s getting worse
Sonatype has published its Q2 2025 Open Source Malware Index, identifying 16,279 malicious open source packages across major ecosystems such as npm and PyPI. This brings the …
You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
Popular AI chatbots powered by large language models (LLMs) often fail to provide accurate information on any topic, but researchers expect threat actors to ramp up their …
RIFT: New open-source tool from Microsoft helps analyze Rust malware
Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming …
TikTok videos + ClickFix tactic = Malware infection
Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. …
Lumma Stealer Malware-as-a-Service operation disrupted
A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most …
Trojanized KeePass opens doors for ransomware attackers
A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure …
Fake AI platforms deliver malware diguised as video content
A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an …
The many variants of the ClickFix social engineering tactic
As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are …
The Zoom attack you didn’t see coming
Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely? While this feature may come in handy …
Package hallucination: LLMs may deliver malicious code to careless devs
LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed …
Beware fake AutoCAD, SketchUp sites dropping malware
Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer …
Open-source malware doubles, data exfiltration attacks dominate
There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according …