Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.

A North Korean hacking group is targeting crypto workers with a Python-based malware disguised as part of a fake job application process, researchers at Cisco Talos said earlier this week. Most ...

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...