In a stark reminder of the vulnerabilities inherent in open-source ecosystems, new revelations confirm that attackers are targeting Python Package Index (PyPI) repositories with sophisticated, multi-stage malware.
Security firm JFrog recently identified and reported a malicious package, “chimera-sandbox-extensions,” uploaded by the user “chimerai.”
Unlike...
Security researchers have uncovered a new campaign leveraging a variant of the Atomic macOS Stealer (AMOS), deploying a sophisticated blend of phishing and technical exploitation to target both consumer and corporate macOS users.
The campaign, first detected in early June 2025, uses typosquatted domains mimicking U.S....