North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering with fileless and kernel-level attack techniques.
Bleeping Computer

Python info-stealing malware uses Unicode to evade detection

A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
Security Boulevard

Hackers Use LLM to Create React2Shell Malware, the Latest Example of AI-Generated Threat

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...
Security Boulevard

Exploited React2Shell Flaw By LLM-generated Malware Foreshadows Shift in Threat Landscape

Attackers recently leveraged LLMs to exploit a React2Shell vulnerability and opened the door to low-skill operators and calling traditional indicators into question.
Threat Post

VMware ESXi Servers Encrypted by Lightning-Fast Python Script

The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption. Researchers have discovered a new Python ...
HealthcareInfoSecurity

AI-Generated Malware Exploits React2Shell for Tiny Profit

Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing ...