Bleeping Computer

Python info-stealing malware uses Unicode to evade detection

A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...
Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...
CSOonline

Attackers use Python compiled bytecode to evade detection

Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software. Attackers who are targeting open-source package repositories like ...

Anthropic Backs Python Security With $1.5 Million PSF Partnership

Anthropic committed $1.5 million to the Python Software Foundation to strengthen PyPI and CPython security, targeting ...
Infosecurity Magazine

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal ...
Dark Reading

Attackers Abuse Python, Cloudflare to Deliver AsyncRAT

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...
Cybernews

Python-based VVS Stealer sneaks off with your Discord data

According to a report from Palo Alto Networks Unit 42, the malware is advertised on Telegram as the “ultimate stealer” and ...