As part of their research and monitoring efforts, the Supply Chain Security team of the Threat Intelligence department of the Positive Technologies Expert Security Center (PT ESC) detected and prevented a malicious campaign in the Python Package Index (PyPI) package repository.
The attack targeted developers, ML engineers, and ordinary AI enthusiasts who might be interested in integrating DeepSeek into their systems. PyPI is used as a default package repository in popular package managers: pip, pipenv, and poetry.
Read more…
Source: Positive Technologies
Related:
- Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
December 4, 2019
In November 2019, Trend Micro published a blog analyzing an exploit kit we named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During our analysis of the indicators of compromise (IoCs) in the deployed samples that were infecting the victim’s machines, we noticed some interesting characteristics: notably that these samples were making use of ...
- Buer, a new loader emerges in the underground marketplace
December 4, 2019
For several years, Proofpoint researchers have been tracking the use of first-stage downloaders, which are used by threat actors to install other forms of malware during and after their malicious email campaigns. In particular, over the last two years, these downloaders have become increasingly robust, providing advanced profiling and targeting capabilities. More importantly, downloaders and other ...
- FBI warns about snoopy smart TVs spying on you
December 3, 2019
She laughed. I laughed. The TV laughed. I shot the TV. “Blasted Decepticons!” That’s how a popular meme went after the Transformer movies hit it big. Today, it’s not so funny. A recent FBI report warned smart TV users that hackers can also take control of your unsecured TV. “At the low end of the risk spectrum, they can ...
- Android: New StrandHogg vulnerability is being exploited in the wild
December 2, 2019
Security researchers from Promon, a Norwegian firm specialized in in-app security protections, said they identified a bug in the Android operating system that lets malicious apps hijack legitimate app, and perform malicious operations on their behalf. In a comprehensive report published today, the research team said the vulnerability can be used to trick users into granting intrusive permissions ...
- Imminent Monitor – a RAT Down Under
December 2, 2019
The availability of “commodity malware” – malware offered for sale – empowers a large population of criminals, who make up for their lack of technical sophistication with an abundance of malicious intent. Rather than looking just at the malware samples and functionality themselves, we’ve taken an interest in the commodity malware ecosystem; especially into the malware ...
- Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase of a Targeted Attack
December 2, 2019
Trend Micro found a new spyware family disguised as chat apps on a phishing website. We believe that the apps, which exhibit many cyberespionage behaviors, are initially used for a targeted attack campaign. We first came across the threat in May on the site http://goooglepress/, which was advertising a chat app called “Chatrious.” Users can ...