Witnessing aggressive python behavior in the wild ...

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Florida's opossums could soon become weaponized against prolific and invasive Burmese pythons by tracking them.

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...

“Dying, I think, is harder than death,” says Gould. In Western culture the process is typically outsourced, medicalised, ...

He has been besieged by birds, had 120m crabs try to crawl up his trouser leg and stayed cool beside an erupting Icelandic volcano. As David Attenborough turns 100, we celebrate his most extraordinary ...

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...