Open source malware surged 73% in 2025, with npm as a key target with rising risks in software supply chains and developer environments.

A report from ReversingLabs reveals a massive 73% increase in malicious open-source packages in 2025, with over 10,000 ...

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer ...

Hackers are hunting for vulnerable endpoints to deploy Python malware.

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...

Abstract: Malicious Python packages make software supply chains vulnerable by exploiting trust in open-source repositories like Python Package Index (PyPI). Lack of real-time behavioral monitoring ...

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...