python
-
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the…
Read More » -
Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an…
Read More » -
Microsoft Releases PyRIT – A Red Teaming Tool for Generative AI
Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative…
Read More » -
New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics
Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique…
Read More » -
Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks
A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages…
Read More » -
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target…
Read More » -
“Activator” Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information…
Read More » -
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to…
Read More »