The Hacker News

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Python infostealers are spreading from Windows to macOS via Google Ads, ClickFix lures, and fake installers to steal credentials and financial data.
Hosted on MSN

Bitcoinlib Malware Alert: How Fake Python Packages Targeted Crypto Wallets

Attackers uploaded fake Python packages to PyPI that posed as Bitcoinlib tools and targeted wallet data. The malware infected crypto development environments, stole private keys and seed phrases and ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...