Key incidents include the sentencing of high-profile cybercriminals, enhanced supply chain protections by PyPI, the evolution of the Noodlophile infostealer, and a sophisticated DPRK-linked espionage campaign using the MoonPeak RAT.

A widespread cryptocurrency scam campaign has been uncovered, where threat actors distribute malicious Ethereum smart contracts disguised as trading bots. These contracts have collectively stolen over $900,000 USD from unsuspecting users.

A sophisticated infostealer campaign leveraging the Python-based PXA Stealer has compromised over 4,000 systems across 62 countries. The campaign exfiltrates credentials, cookies, and financial data via Telegram bots and Cloudflare Workers.

A new variant of the macOS.ZuRu malware has resurfaced, targeting macOS users through a trojanized version of the Termius SSH client. This version incorporates a modified Khepri C2 beacon and introduces new techniques for persistence.