The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...
Yahoo Finance

Introducing Chainguard Libraries for Python: Malware-Resistant Dependencies Built Entirely from Source

Today, more than half of the world's developers rely on Python, a programming language that has become the foundation of modern AI and machine learning applications. As the popularity of Python has ...
SecurityWeek

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.
Techzine Europe

Malicious Python package poses new supply chain threat

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...
CoinDesk

North Korean Hackers Are Targeting Top Crypto Firms With Malware Hidden in Job Applications

A North Korean hacking group is targeting crypto workers with a Python-based malware disguised as part of a fake job application process, researchers at Cisco Talos said earlier this week. Most ...

Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...
Hosted on MSN

Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python

A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions spread by tricking users into pasting malicious commands through a technique ...
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...