Browsing Tag
Python
44 posts
Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware
Operation HumanitarianBait uses fake aid documents, GitHub-hosted payloads, and Python spyware to target Russian-speaking victims.
Hackers Are Using LinkedIn DMs and PDF Tools to Deploy Trojans
That LinkedIn message pretending to be job offer could just be malwre.
CastleLoader Malware Now Uses Python Loader to Bypass Security
Cybersecurity researchers at Blackpoint Cyber discovered a new, evasive CastleLoader malware variant using Python and ClickFix social engineering to deliver RATs and info-stealers directly from memory.
Shai Hulud npm Worm Impacts 26,000+ Repos in Supply Chain Attack
The Shai Hulud worm's "Second Coming" has compromised over 26,000 public repositories. We detail the attacker's mistake, the target packages, and mandatory security tips.
RedTiger Malware Steals Data, Discord Tokens and Even Webcam Images
A new Python-based infostealer called RedTiger is targeting Discord gamers to steal authentication tokens, passwords, and payment information. Learn how the malware works, its evasion tactics, and essential security steps like enabling MFA.
npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack
Aikido Security flagged the largest npm attack ever recorded, with 18 packages like chalk, debug, and ansi-styles hacked…
GhostAction Attack Steals 3,325 Secrets from GitHub Projects
GhostAction supply chain attack hit 817 GitHub repositories, stealing 3,325 secrets including npm, PyPI, and DockerHub tokens.
GitHub Abused to Spread Amadey, Lumma and Redline InfoStealers in Ukraine
Hackers abused fake GitHub accounts to spread Emmenhtal, Amadey, Lumma and Redline infoStealers in attacks linked to a phishing campaign targeting Ukraine in early 2025.
N. Korean Hackers Use PylangGhost Malware in Fake Crypto Job Scam
North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools.
Backdoors in Python and NPM Packages Target Windows and Linux
Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control.