November 22, 2023 at 02:24AM The macOS information stealer, Atomic, is now being distributed through a malicious web browser update chain called ClearFake. This marks the first time a social engineering campaign intended for Windows has expanded to macOS. Atomic Stealer is a commercial malware that steals data from web browsers and cryptocurrency wallets. ClearFake … Read more
November 17, 2023 at 06:00AM An unidentified threat actor has been uploading malware-laden fake Python libraries to the PyPI repository for the past six months. Disguised as legitimate packages, these 27 libraries have attracted thousands of downloads from various countries. The attacker used steganography to hide malicious payloads within innocent-looking image files. The packages included … Read more
November 8, 2023 at 06:03PM Security researchers have discovered a new variant of the Jupyter information stealer malware, also known as Yellow Cockatoo, Solarmarker, and Polazert. The malware can infiltrate machines and collect sensitive data, including credentials for crypto-wallets and remote access apps. The malware has been observed leveraging PowerShell command modifications and digitally signed … Read more