Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Open-source software repositories have become one of the main entry points for attackers as part of supply chain attacks, with growing waves using typosquatting and masquerading, pretending to be legitimate. The JFrog Security Research team regularly monitors open-source software repositories using advanced automated tools, in order to detect malicious packages.

During a recent Advanced Continual Threat Hunt (ACTH) investigation, the Trustwave SpiderLabs Threat Hunt team identified a deceptive campaign that abused fake AI-themed content to lure users into executing a malicious, pre-configured ScreenConnect installer.

More than 16 billion passwords, cookies and tokens were recently exposed in one of the largest data breaches in history. The scale of the theft, with data from services including Google, Apple, Facebook, Amazon and Microsoft, makes one conclusion clear: credentials are the first step in compromising critical data.

In our 2025 State of the Underground report, we found that 384 unique varieties of malware were sold across the top three criminal forums in 2024, a 10% increase from 349 in 2023, signifying an expansion in the underground malware marketplace. These figures reflect malware explicitly offered for sale (not shared freely), and each distinct version or naming variation is counted independently.

In our previous post, we highlighted a key insight from the 2025 KuppingerCole Leadership Compass: securing AI depends on securing APIs first. The report emphasizes that as AI use grows, the attack surface for APIs becomes more complex and risky. With many solutions available, navigating vendor claims can be challenging, making independent expert analysis extremely valuable.

PayPal was established in 1998 by Peter Thiel, Luke Nosek, and Max Levchin. The application's goal was cybersecurity for handheld devices before pivoting to a digital wallet. It merged with X.com in 2000 and was later rebranded for online payment systems. After spinning off from eBay in 2015, the platform expanded globally to democratize financial services to ensure everyone can access convenient products.

IT and security leadership faces daily pressures to respond swiftly to emerging challenges. This often leads to tactical, short-term decisions aimed at extinguishing immediate fires. Although these responses may address urgent concerns temporarily, they rarely provide lasting value or strategic clarity.

Security teams receive thousands of threat indicators daily. IP addresses, domain names, file hashes, and vulnerability advisories flood their inbox from multiple intelligence feeds. Yet when the next breach happens, you're still caught off guard. Sound familiar? The problem isn't a lack of information; it's a lack of context.

Researchers uncover malicious Python packages, PipeMagic masquerades as a ChatGPT desktop app, and Noodlophile Stealer targets enterprises through social media.

We are pleased to announce that Internxt has passed its second consecutive security audit for all its services from the leading independent European pentesting company, Securitum, which also works with firms as relevant as Proton. Having become the first cloud storage with post-quantum, plus our zero-knowledge policies, when we say your data is private and secure from hackers, it’s not just a claim, but verifiable by external security professionals and experts in the field.