A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and helpdesk staff impersonation - is also using custom malware in its ...
The popular Telnyx Python SDK is the latest victim of TeamPCP’s weeks-long supply chain campaign targeting the broad open source software ecosystem. The campaign started on March 19 with Aqua Security ...
Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing ...
A significantly evolved version of the Shai-Hulud malware now tracked as Sha1-Hulud has been discovered with over 400 packages affected, now featuring persistent backdoor capabilities through ...
An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via ...
Note: If you are looking for a faster, more robust implementation for standart encodings, use the standard library. This library goal is to provide a flexible implementation for custom base-N ...
Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software. Attackers who are targeting open-source package repositories like ...