Advertisement
Backdoored PyTorch Lightning Package Drops Credential Stealer
A malicious PyTorch Lightning package on PyPI delivers a credential stealer, targeting browser data, environment variables, and cloud service credentials. Urgent action
Marimo RCE via CVE-2024-41663 Exploited to Deliver NKAbuse Malware
Attackers are exploiting a critical RCE in Marimo Python notebooks (CVE-2024-41663) to deploy NKAbuse malware via Hugging Face. Update to version 0.7.5.
Marimo RCE via CVE-2024-52271 — Active Exploitation Mitigation Guide
Critical pre-auth RCE vulnerability in Marimo (CVE-2024-52271) is under active exploitation for credential theft. Update to version 0.9.11 immediately.
ForceMemo: Credential Theft Compromises Python Repositories
Researchers reveal ForceMemo, a campaign exploiting credentials stolen via GlassWorm to compromise hundreds of GitHub accounts and Python repositories.
AI-Generated Slopoly Malware Linked to Interlock Ransomware Attacks
Analysis of the AI-generated Slopoly malware and its role in Interlock ransomware operations, including technical details and detection strategies.
Over 100 GitHub Repositories Distributing BoryptGrab Stealer
A large-scale campaign on GitHub utilizes over 100 repositories to distribute BoryptGrab, an info-stealer targeting crypto wallets and browser data.
Arkanix Stealer: Rapid Disappearance of C++ & Python Malware
Arkanix Stealer, a C++ and Python-based info-stealer, emerged briefly, exfiltrating system data, browser credentials, and files before vanishing. Analysis of its TTPs.