Cybercriminals Abuse StackOverflow to Promote Malicious Python Package

May 29, 2024 at 01:51PM

Cybersecurity researchers have discovered a malicious Python package, “pytoileur,” in the Python Package Index repository, aiming to enable cryptocurrency theft. The package’s code executes a Base64-encoded payload to retrieve a Windows binary from an external server, establishing persistence and dropping spyware and data-stealing malware. This method signifies an unprecedented abuse …

Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo

May 13, 2024 at 03:09AM

Cybersecurity researchers discovered a malicious Python package, requests-darwin-lite, concealing a Golang version of the Sliver command-and-control framework within a PNG image of the project’s logo. The package, downloaded 417 times before being removed, aimed to gather system identifiers, and its discovery raises concerns about open-source malware distribution.

Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years

April 30, 2024 at 10:01AM

Cybersecurity researchers have found malicious “imageless” containers on Docker Hub, creating a potential for supply chain attacks. The containers house documentation that leads users to phishing or malware websites. Over 4 million such repositories have been identified, used to redirect users to fraudulent sites in three distinct campaigns. This underscores …