Computing

Malicious Python packages found exfiltrating user data to Telegram bot

Researchers at security vendor Checkmarx have uncovered an operation, apparently based in Iraq, that uses malware hosted on the Python repository PyPI to search for files on the victim's device and ...
Infosecurity Magazine

Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

The attackers used process hollowing against RegAsm.exe, patched Windows defenses such as AMSI and ETW and unpacked further ...
CSOonline

Supply chain attack hits RubyGems to steal Telegram API data

Threat actor exploits Fastlane plugin trust to redirect Telegram traffic via C2 server after Vietnam’s ban, targeting mobile app CI/CD pipelines. An ongoing supply chain attack is targeting the ...