CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Python is even behind Netflix's Security Monkey tool, as well as a project called Prism, which helps identify vulnerabilities in source code.

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can ...

VS Code flaw lets attackers reuse deleted extension names, enabling ransomware payload delivery and supply chain risks.

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...

The official repository for the widely used Python programming language has been tainted with modified code packages, a computer security authority in Slovakia warned. The authority also said the ...

With 35 million lines of Python code, the Athena trading platform is at the core of JPMorgan's business operations. A late start to migrating to Python 3 could create a security risk.