python
-
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March…
Read More » -
Python’s PyPI Reveals Its Secrets
GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million…
Read More » -
PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers
The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects…
Read More » -
Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets
Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to…
Read More » -
New Python-Based Snake Info Stealer Spreading Through Facebook Messages
Facebook messages are being used by threat actors to a Python-based information stealer dubbed Snake that’s designed to capture credentials…
Read More » -
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the…
Read More » -
Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an…
Read More » -
Microsoft Releases PyRIT – A Red Teaming Tool for Generative AI
Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative…
Read More » -
New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics
Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique…
Read More » -
Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks
A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages…
Read More »