Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
Hosted on MSN

Gmail servers hijacked by malicious PyPI packages to spread havoc - here's how to stay safe

Socket found seven malicious packages on PyPI The packages were abusing Gmail and WebSocket They were removed from the platform Several malicious PyPI packages were recently observed abusing Gmail to ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...