The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
SecurityWeek

‘SolyxImmortal’ Information Stealer Emerges

The Python-based information stealer SolyxImmortal uses legitimate APIs and libraries for stealthy data gathering and ...

WhatsApp Web malware spreads banking Trojan automatically

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.
小黑盒生活 on MSN

硬核科普:Python类应用是如何悄无声息往电脑植入后门的?

【本文由小黑盒作者@周铁男是我于01月17日发布,转载请标明出处!】 今天看到火绒团队发的《银狐后门:Python库压缩包篡改与Chrome伪装攻击分析》后,感觉这里用到了一种很新奇的方法,于是我做了复现,顺便分享给大家共同学习 ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.
Windows Report

Efficiently download and install Python on Windows 11

Before you begin, you’ll need to download and install Python from the official website (https://www.python.org/downloads/). Make sure to download the latest version ...