Edge users beware — this malicious extension can break out of the sandbox and install ransomware

Researchers from Zscaler found a new malware campaign dubbed Edgecution.
The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new ...
TechSpot

New 7-Zip security flaw could put hundreds of millions of systems at risk

PSA: The widely used 7-Zip utility is once again affected by a potentially dangerous security vulnerability. The open-source file archiver can be exploited to execute malicious code by tricking users ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into ...
Dark Reading

AI Bolsters Python Variant of Brazilian WhatsApp Attacks

Attackers behind a self-propagating malware campaign targeting Brazilian financial institutions have accelerated and upgraded their malicious activity, using artificial intelligence (AI) to spawn a ...
Infosecurity-magazine.com

Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

A recent investigation has revealed a phishing campaign that began with a simple Python-based infostealer but ultimately led to the deployment of PureRAT, a full-featured commodity remote access ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows ...
Bloomberg L.P.

Modernizing how traders enhance their workflows with Python API

Traders who code have an edge – Python skills are helping traders automate tasks and improve accuracy. Automation is solving workflow pain points – Leading firms are cutting manual steps and boosting ...
CSOonline

Attackers hide malicious code in Hugging Face AI model Pickle files

The popular Python Pickle serialization format, which is common for distributing AI models, offers ways for attackers to inject malicious code that will be executed on computers when loading models ...
Bleeping Computer

WhatsApp for Windows lets Python, PHP scripts execute with no warning

A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. For the attack to be ...
InfoWorld

How to install Python the smart way

Learn how to get Python up and running on Windows, macOS, or Linux—and avoid the biggest pitfalls along the way. Python is easy to use, friendly to the beginner, and powerful enough to create robust ...
Bleeping Computer

Telegram fixes Windows app zero-day used to launch Python scripts

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. Over the past few days, rumors have ...