Datadog threat roundup: top insights for Q4 2024
ID: 4988c00a-5394-5154-b4da-2d92ef55778a
STIX ID: report--4988c00a-5394-5154-b4da-2d92ef55778a
Feed Name: Datadog Security Labs
Datadog's Q4 2024 Threat Roundup outlines active and evolving threats: malicious npm/PyPI supply-chain packages (pre/post-install scripts and setuptools overwrites) distributing droppers and infostealers, campaigns by actors including DPRK-linked Tenacious Pungsan and MUT-8694/MUT-1244, large credential exfiltration (~390,000 credentials), and an increase in cloud control-plane abuse—notably AWS Bedrock LLMjacking and SES compromise—highlighting the need for stronger access-key hygiene, package vetting, and targeted detection engineering.
