As part of their research and monitoring efforts, the Supply Chain Security team of the Threat Intelligence department of the Positive Technologies Expert Security Center (PT ESC) detected and prevented a malicious campaign in the Python Package Index (PyPI) package repository.
The attack targeted developers, ML engineers, and ordinary AI enthusiasts who might be interested in integrating DeepSeek into their systems. PyPI is used as a default package repository in popular package managers: pip, pipenv, and poetry.
Read more…
Source: Positive Technologies
Related:
- Malware Classification with ‘Graph Hash,’ Applied to the Orca Cyberespionage Campaign
September 6, 2019
In malware research, threat hunting and sharing of threat intelligence, such as exchanging indicators of compromise (IoCs) in the form of hashes (e.g., MD5s, SHA256s), are common industry practices and helpful for information security professionals. Researchers, for instance, would typically search for malware samples on VirusTotal using hashes. However, hashes have some characteristics that could ...
- A Chinese APT is now going after Pulse Secure and Fortinet VPN servers
September 5, 2019
A group of Chinese state-sponsored hackers is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month. The attacks are being carried out by a group known as APT5 (also known as Manganese), ZDNet has learned from sources familiar with the attacks. According to a ...
- Hackers exploiting popular social engineering ‘toolkits’ to refine cyber attacks
September 4, 2019
Hackers are regularly using highly customisable online resources to add social engineering components to render their attacks more effective, according to new research from Malwarebytes. One website identified by the team features an expansive toolkit that has drawn more than 100,000 visits in the past few weeks, offering design and framework support to attackers. The resource, dubbed Domen, is built ...
- BRATA Android RAT Steals Banking Info in Real Time
September 4, 2019
The RAT targets users via fake WhatsApp updates in Google Play. A powerful Android remote access tool (RAT) family dubbed BRATA is proliferating, with at least 20 different variants cropping up since it was first spotted in January. The majority of the binaries have been found in the official Google Play store, masquerading as updates for ...
- Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn
September 4, 2019
Researchers are warning of a high-severity zero-day vulnerability in Google’s Android operating system, which if exploited could give a local attacker escalated privileges on a target’s device. The specific flaw exists within the v4l2 (Video4Linux 2) driver, which is the Android media driver. When exploited, a component within the v4l2 “does not validate the existence of ...
- Fraudsters use AI voice manipulation to steal £200,000
September 2, 2019
Cyber criminals have used artificial intelligence (AI) and voice technology to impersonate a UK business owner, resulting in the fraudulent transfer of $243,000 (£201,000). In March this year, what is believed to be an unknown hacker group is said to have exploited AI-powered software to mimic the prominent business leader’s voice to fool his subordinate, the CEO of ...