SecurityWeek

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.

Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...
Windows Report

Hackers Abuse Microsoft Teams to Deploy Snow Malware and Steal Domain Credentials

Attackers exploit Microsoft Teams and Snow malware to steal credentials and take over enterprise networks through social ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...
CSO Online

Dismantle implicit trust in OT networks, CISA tells critical infrastructure operators

The US Cybersecurity and Infrastructure Security Agency (CISA) has asked owners and operators of operational technology to ...

Microsoft now lets admins choose pre-installed Store apps to uninstall

Microsoft has updated a Windows 11 in-box app removal policy introduced in October to include a dynamic list that lets IT ...
Microsoft

Email threat landscape: Q1 2026 trends and insights

In early 2026, email threats increased with a rise in credential phishing, QR code phishing, and CAPTCHA-gated campaigns, ...

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...