-
Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed to compromise Linux-based BOSS operatin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ReversingLabs researchers have sounded the alarm over a vulnerability lurking in legacy Python packages one that exposes users of the Python Package Index (PyPI) to supply chain attacks through domain compromise. Although the vulnerable code is rarely …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An India-aligned advanced persistent threat group known as Dropping Elephant has launched sophisticated cyberattacks against Pakistan’s defense sector using a newly developed Python-based backdoor delivered through an MSBuild dropper. The campaig…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
K7 Labs researchers have identified a sophisticated Python-based malware sample employing multi-stage obfuscation and process injection techniques to achieve stealthy persistence on Windows systems. The malware reconstructs a 65 MB blob, with the bulk …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat researchers at Netskope have uncovered a sophisticated new Remote Access Trojan (RAT) written in Python that masquerades as “Nursultan Client,” a legitimate Minecraft application popular in Eastern-European and Russian gaming communi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Elastic Security Labs has officially released nightMARE version 0.16, a comprehensive Python library designed to streamline malware analysis and reverse engineering workflows. The open-source tool consolidates multiple analysis capabilities into a sing…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets, host telemetry, and developer environment data without standing up bespoke infra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly spotted Python remote access trojan (RAT) on VirusTotal employs advanced polymorphic and self-modifying techniques, allowing it to alter its code signature on every execution and evade detection. Security researchers examining VirusTotal submis…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Python-based information stealer named XillenStealer has emerged as a significant threat to Windows users, designed to harvest sensitive system data, browser credentials, and cryptocurrency wallet information. XillenStealer operates thr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The North Korean-aligned threat group APT37, also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has evolved its cyber warfare capabilities by deploying sophisticated Rust and Python-based malware in recent campaigns targeting Windows systems. Ac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
