A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

Cybersecurity researchers have uncovered “pytoileur,” a malicious package on the Python Package Index (PyPI). The package, posing as an “API Management tool written in Python,” concealed code that ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection. According to ReversingLabs reverse engineer Karlo Zanki, this could be the first ...

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

With increased deployment of security solutions on cloud infrastructure, hackers have started adopting detection evasion tactics from Windows desktop computers to cloud environments. One such tactic ...

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...

Sometimes the simplest techniques can foil the complex systems created by security firms and large enterprises to detect malicious programs and files. Putting malware to sleep, waiting for a user to ...