News

CSOonline2y
Attackers use Python compiled bytecode to evade detection
In one variation of the W4SP attacks, the obfuscated malicious code in the files was shifted past the edge of the default screen borders, so that someone manually reviewing the source code file ...
Bleeping Computer2y
Dozens of PyPI packages caught dropping 'W4SP' info-stealing malware
Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware. Most of these contain obfuscated code that drops "W4SP" info-stealer on ...
Bleeping Computer2y
Python info-stealing malware uses Unicode to evade detection
Python's Unicode support can be easily abused to hide malicious string matches, making code appear innocuous while still performing malicious behavior. In this case, the stealing of sensitive data ...
Infosecurity-magazine.com2y
Malicious Npm Packages Designed to Steal Discord Tokens
It has named the campaign, which features malicious, obfuscated Python and JavaScript code, LofyLife. The purpose of the campaign appears to be to steal Discord tokens and users’ card data. “The ...
Hosted on MSN3mon
HP raises the alarm over new cyber threat, warns users - MSN
The Principal Threat Researcher, HP Security Lab, Patrick Schläpfer, said a common thread across these campaigns is the use of obfuscation and anti-analysis techniques to slow down investigations.
Visual Studio Magazine9mon
VS Code Is Latest Microsoft Dev Tooling Weaponized by Threat Actors
In the reported attack scheme, users are tricked into clicking on a link, potentially delivered in spam emails, which actually delivers an obfuscated Python script. "Once executed, the Python script ...