Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Jupyter Notebook is a tool to run and write Python code easily, showing results right away, and allowing you to combine code, charts, notes, and files in one place. You can start Jupyter Notebook ...
A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that ...
The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Microsoft discovered a self-spreading USB worm active since February that monitors clipboards for crypto wallets and routes stolen data through Tor.
Steam is one of the most popular storefronts in PC gaming, but it turns out that the Steam Workshop might presently be ...
This tool was specifically built to prevent zip file changes from triggering AWS Lambda function updates when running terraform apply. Before this change, every re-build of the zipfile would result in ...
The most recent variants of the self-propagating attacks are named Miasma and Hades. The payload used in the Red Hat attack contained the string “Miasma: The Spreading Blight”, which appeared in ...