Python devs are being targeted by this massive infostealing malware campaign
The threat actors used the access to commit malware to the Top.gg Python library. The goal of the campaign was to steal ...
Hosted on MSN4mon
Crypto-stealing malware discovered in Python Package Index — Checkmarx
Despite the vigilance and quick action of Checkmarx and the Python Package Index to address the issue, the malware returned in early October and has reportedly been downloaded more than 3,700 ...
DeepSeek AI tools impersonated by infostealer malware on PyPI
Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on ...
SecurityWeek11d
Developers Targeted With Malware Disguised as DeepSeek Package
Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through ...
CSOonline10d
Hackers impersonate DeepSeek to distribute malware
“On January 29, 2025, a malicious user ‘bvk’ uploaded two packages: deepseeek and deepseekai,” PT ESC researchers said in a ...
Hackaday6y
When Good Software Goes Bad: Malware In Open Source
Open Source software is always trustworthy, right? [Bertus] broke a story about a malicious Python package called “Colourama”. When used, it secretly installs a VBscript that watches the ...
Bleeping Computer25d
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
“Sophos assesses with medium confidence that the Python malware used in this attack is connected to the threat actors behind FIN7/Sangria Tempest,” explain the researchers. Because the attack ...