Security News

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
2025-04-15 09:10

The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware...

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
2025-04-05 08:38

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix...

AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks
2025-02-05 09:40

A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan (RAT)...

PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
2025-02-03 12:30

The maintainers of the Python Package Index (PyPI) registry have announced a new feature that allows package developers to archive a project as part of efforts to improve supply chain security....

Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
2025-01-17 13:06

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant...

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
2025-01-16 06:45

Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this...

PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
2024-11-25 13:54

The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram....

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
2024-11-22 06:15

Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI...

Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code
2024-10-30 11:00

Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain...

Open source LLM tool primed to sniff out Python zero-days
2024-10-20 09:00

The static analyzer uses Claude AI to identify vulns and suggest exploit code Researchers with Seattle-based Protect AI plan to release a free, open source tool that can find zero-day...