A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...

A widely used Python package with more than 95 million monthly downloads has been compromised with credential-stealing ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

With increased deployment of security solutions on cloud infrastructure, hackers have started adopting detection evasion tactics from Windows desktop computers to cloud environments. One such tactic ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

A malicious Python package masquerading as a legitimate Telegram development tool has been identified as a vehicle for remote code execution attacks, raising concerns about supply chain security ...

Once Infiniti Stealer is installed on a device, it will attempt to steal data from the victim's Mac and upload that ...

Malwarebytes discovered Infiniti Stealer - a new piece of malware targeting macOS devices.

A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...