North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering with fileless and kernel-level attack techniques.
Bleeping Computer

New Python malware backdoors VMware ESXi servers for remote access

A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system. VMware ESXi is a virtualization ...
Dark Reading

'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines

Malicious Python packages masquerading as legitimate code obfuscation tools are targeting developers via the PyPI code repository. Focusing on those interested in code obfuscation is a savvy choice ...
CoinTelegraph

Crypto-stealing malware discovered in Python Package Index — Checkmarx

According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...
Security Boulevard

Exploited React2Shell Flaw By LLM-generated Malware Foreshadows Shift in Threat Landscape

Attackers recently leveraged LLMs to exploit a React2Shell vulnerability and opened the door to low-skill operators and calling traditional indicators into question.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
HealthcareInfoSecurity

AI-Generated Malware Exploits React2Shell for Tiny Profit

Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing ...