CSO Online

Sicarii ransomware locks your data and throws away the keys

A key-handling defect in the ransomware can permanently lock files by discarding private encryption keys, leaving affected ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Hugging Face abused to spread thousands of Android malware variants

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK ...
Infosecurity-magazine.com

Infosecurity Magazine

Adversaries are adopting a more precise approach to supply chain compromise. Organizations need to rethink what “secure software” really means.