North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering with fileless and kernel-level attack techniques.
Bleeping Computer

New Python malware backdoors VMware ESXi servers for remote access

A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system. VMware ESXi is a virtualization ...
Dark Reading

'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines

Malicious Python packages masquerading as legitimate code obfuscation tools are targeting developers via the PyPI code repository. Focusing on those interested in code obfuscation is a savvy choice ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
Security Boulevard

Exploited React2Shell Flaw By LLM-generated Malware Foreshadows Shift in Threat Landscape

Attackers recently leveraged LLMs to exploit a React2Shell vulnerability and opened the door to low-skill operators and calling traditional indicators into question.
Security Boulevard

Hackers Use LLM to Create React2Shell Malware, the Latest Example of AI-Generated Threat

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...
HealthcareInfoSecurity

AI-Generated Malware Exploits React2Shell for Tiny Profit

Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing ...