TechRepublic

Old Python package comes back to life and delivers malicious payload

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
Bleeping Computer

From infostealer to full RAT: dissecting the PureRAT attack chain

An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
CSOonline

Cryptojacking attack on cloud workloads uses fileless Python malware

With increased deployment of security solutions on cloud infrastructure, hackers have started adopting detection evasion tactics from Windows desktop computers to cloud environments. One such tactic ...
Dark Reading

Malicious Chimera Turns Larcenous on Python Package Index

A malicious package recently uploaded to the Python Package Index (PyPI) is the latest manifestation of the growing sophistication of software supply chain threats. Security researchers at JFrog ...
SiliconANGLE

New ‘PyLoose’ fileless malware attacks target cloud workloads

Researchers at cybersecurity firm Wiz Inc. today detailed a newly discovered Python-based fileless malware that’s targeting cloud workloads. Dubbed “PyLoose,” the attack is said to be the first ...