News

Hacker targets other hackers and gamers with backdoored GitHub code
A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub ...
CSOonline2y
Attackers use Python compiled bytecode to evade detection
and the most common use for such files is in the distribution of Python modules. In most instances of PyPI malware, the malicious obfuscated code is meant to reach out to an external URL and ...
Bleeping Computer2y
Dozens of PyPI packages caught dropping 'W4SP' info-stealing malware
Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware. Most of these contain obfuscated code that drops "W4SP" info-stealer on ...
WeLiveSecurity1y
A pernicious potpourri of Python packages in PyPI
Figure 5. In some packages, only lightly obfuscated code is present The next stages are Python packages, scripts, or binary files downloaded from either Dropbox or transfer.sh. Figure 6.
TechJuice8d
Hackers and Gamers Fall Victim to Backdoored GitHub Repositories
Security experts discovered over 140 infected GitHub repositories. Out of these, 133 contained working backdoor scripts.
Sysdig detects AI-assisted malware exploiting Open WebUI misconfigurations
Discovered by Sysdig’s Threat Research Team, the malware campaign involved exploiting misconfigured instances of Open WebUI, a widely used self-hosted artificial intelligence interface, to deploy ...
Infosecurity-magazine.com2y
Malicious Npm Packages Designed to Steal Discord Tokens
It has named the campaign, which features malicious, obfuscated Python and JavaScript code, LofyLife. The purpose of the campaign appears to be to steal Discord tokens and users’ card data. “The ...
Hosted on MSN2mon
HP raises the alarm over new cyber threat, warns users
These images are opened by default in web browsers and execute the embedded code to deploy seven payloads ... the attackers also used obfuscated Python scripts to install the malware.