A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...

There are moments in the evolution of a nation when a single incident, seemingly isolated, exposes a deeper and more troubling ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...

Cybersecurity researchers have uncovered “pytoileur,” a malicious package on the Python Package Index (PyPI). The package, posing as an “API Management tool written in Python,” concealed code that ...

The Arkanix Stealer malware can collect and exfiltrate system information, browser data, VPN information, and arbitrary files ...

A new Python-based malware has been spotted in the wild featuring remote access trojan (RAT) capabilities to give its operators control over the breached systems. Named PY#RATION by researchers at ...

Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection. According to ReversingLabs reverse engineer Karlo Zanki, this could be the first ...

Sometimes the simplest techniques can foil the complex systems created by security firms and large enterprises to detect malicious programs and files. Putting malware to sleep, waiting for a user to ...

Document-based macro malware flies under the security radar by first detecting existing documents on PC. Researchers have found a new strain of document-based macro malware that evades discovery by ...