More results...
Jamf Threat Labs has identified a novel macOS infostealer that exploits PyInstaller, a legitimate open-source tool used to bundle Python scripts into standalone Mach-O executables. This marks the first documented instance of PyInstaller being weaponize…
A seemingly innocuous Python package named ‘discordpydebug’ surfaced on the Python Package Index (PyPI) under the guise of “Discord py error logger.” Marketed as a debugging utility for developers working on Discord bots with the Discord.py library, th…
Sonatype discovered ‘crypto-encrypt-ts’, a malicious npm package impersonating the popular CryptoJS library to steal crypto and personal data.…
A newly analyzed Python-based Remote Access Trojan (RAT) has emerged as a significant cybersecurity threat, utilizing Discord as its command-and-control (C2) platform. Disguised as a benign script, this malware transforms the popular communication tool…
The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted on the Python Package Index (PyPI) and one on the npm registry, designed to silently pilfer cryptocurrency secrets, including mnemonic seed phrases and private keys….
LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed “slopsquatting” (courtesy of Seth Larson, Security Developer-in-Residence at the Pyth…
A North Korean state-sponsored threat group known as “Slow Pisces” has been orchestrating sophisticated cyberattacks targeting developers in the cryptocurrency sector using malware-laced coding challenges. This campaign employs deceptive ta…
TL;DR: A critical deserialization vulnerability (CVSS 9.8 – CVE-2025-27520) in BentoML (v1.3.8–1.4.2) lets attackers execute remote code without…
North Korean threat actors have demonstrated their adept use of social engineering techniques combined with Python scripting to infiltrate secure networks. The Democratic People’s Republic of Korea (DPRK) operatives are leveraging the accessibili…
In a recent development, the ReversingLabs research team has uncovered a sophisticated software supply chain attack targeting developers of cryptocurrency applications. The attack involved the creation of two malicious Python packages, bitcoinlibdbfix …