News

Bleeping Computer

Python info-stealing malware uses Unicode to evade detection

A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...
The Register on MSN

Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python

Pro tip, don't install PowerShell commands without approval A team of data thieves has doubled down by developing its ...
Infosecurity-magazine.com

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...
The Hacker News

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.
Hosted on MSN

Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.… Securonix threat hunters ...
Ars Technica

More malicious packages posted to online repository. This time it’s PyPI

Researchers have uncovered yet another supply chain attack targeting an open source code repository, showing that the technique, which has gained wide use in the past few years, isn’t going away any ...
CSOonline

Hackers impersonate DeepSeek to distribute malware

To make things worse than they already are for DeepSeek, hackers are found flooding the Python Package Index (PyPI) repository with fake DeepSeek packages carrying malicious payloads. According to a ...