EHA
VileRAT Attacking Windows Machines via Malicious Software

VileRAT Attacking Windows Machines via Malicious Software

A new variant of VileRAT is being distributed through fake software pirate websites to infect Windows systems on a large scale. This Python-based VileRAT malware family is believed to be specific to the Evilnum threat group,...
Research Discovered 116 Malicious PyPI Packages Downloaded Over 10,000 Times

Research Discovered 116 Malicious PyPI Packages Downloaded Over 10,000 Times

A cluster of malicious Python projects has been identified in PyPI, the official Python PyPI package repository, which targets both Windows and Linux systems and often deploys a custom backdoor. In certain instances, the ultimate payload consists...
Watch Out For Malicious Python Packages That Can Hijack Your Computer

Watch Out For Malicious Python Packages That Can Hijack Your Computer

Recently, security researchers have discovered that cybercriminals are distributing harmful Python packages that are camouflaged as genuine obfuscation tools, but in reality, they contain malicious code. These packages are being used by threat actors...
Threat Actors Deployed Hundreds of Python Packages to Steal System Data

Threat Actors Deployed Hundreds of Python Packages to Steal System Data

In the open-source ecosystem, shadows shift as collaboration succeeds, attracting both novices and skilled threat actors. A rising threat has been evolving and sharpening its tools in recent months. Checkmarx Supply Chain Security researchers have...
Malicious npm and PyPi Packages Exfiltrate SSH Keys From Server

Malicious npm and PyPi Packages Exfiltrate SSH Keys From Server

JavaScript and Python both have their own package repositories called npm (Node Package Manager) and PyPi (Python Package Index), respectively. They act as key centers for publishing and exchanging reusable code libraries and packages by...
North Korea’s Hacker Group Deploys Malicious Version of Python Package in PyPI Repository

North Korea’s Hacker Group Deploys Malicious Version of Python Package in PyPI Repository

ReversingLabs spotted "VMConnect" in early August, a malicious supply chain campaign with two dozen rogue Python packages on PyPI. It's been observed that these packages mimicked the following known open-source Python tools:- vConnector eth-tester Databases Cybersecurity researchers at ReversingLabs...
Weaponized PyPI Package

Hackers Weaponized PyPI Packages to Steal Sensitive Information

Python developers worldwide share and download code through PyPI (Python Package Index), a popular repository for software packages for the Python programming language. PyPI is widely used, making it a viable target for threat actors...
Python Tools

Most Important Python Security Tools for Ethical Hackers & Penetration Testers 2023

There are a variety of Python security tools are using in the cybersecurity industries and python is one of the widely used programming languages to develop penetration testing tools. For anyone who is involved in...
29 Weaponized Python PyPI Packages Aimed to Infect Developers With Malware

29 Weaponized Python PyPI Packages Aimed to Infect Developers With Malware

The Python Package Index (PyPI) has been found to contain 29 potentially malicious packages. In most of these cases, you will find that the obfuscated code drops an info-stealer called "W4SP" on infected machines. Others...
15 Year Old Python Bug

15 Year Old Python Bug Let Hacker Execute Code in Code 350k Python Projects

Trellix Advanced Threat Research Team observed an unpatched 15 year old Python bug found in the Python’s tarfile module tracked as CVE-2007-4559 with CVSS score: 6.8. “The vulnerability is a path traversal attack in the...

Managed WAF

Website

Latest News