A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...

Researchers studying cybersecurity have discovered a new and sophisticated phishing effort that spreads dangerous payloads ...

A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal ...

Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software. Attackers who are targeting open-source package repositories like ...

Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection. According to ReversingLabs reverse engineer Karlo Zanki, this could be the first ...

A well-resourced hacking operation has deployed newly developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other ...

Document-based macro malware flies under the security radar by first detecting existing documents on PC. Researchers have found a new strain of document-based macro malware that evades discovery by ...