A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

Python’s clear syntax and cross-platform support make it accessible for beginners while powerful for experts. Security teams leverage libraries like Scapy for packet manipulation, cryptography for ...

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...