The FortiGuard Labs team has identified a malicious PyPI package affecting all platforms where PyPI packages can be installed.
This discovery poses a significant risk to individuals and institutions that have installed these packages, potentially leading to the leakage of credentials and sensitive information. Given the high severity of this threat, it is crucial to focus on this specific PyPI package. This report discusses its potential impacts and emphasizes the importance of diligent security practices in managing software dependencies.
Read more…
Source: Fortinet
Related:
- Adidas warns of consumer data breach
May 23, 2025
German sportswear maker Adidas said on Friday an unauthorised external party had obtained certain consumer data through a third-party customer service provider albeit not passwords or credit card data. “We immediately took steps to contain the incident and launched a comprehensive investigation, collaborating with leading information security experts,” the company said in a statement. Read more… Source: MSN ...
- Silent Ransom Group Targeting Law Firms
May 23, 2025
The cyber threat actor Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is targeting law firms using information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims. While SRG has historically victimized companies in ...
- Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
May 22, 2025
The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. But the new discovery of a massive trove of 184 million records—including Apple, Facebook, and Google logins and credentials for accounts connected to multiple governments—underscores the risks of recklessly ...
- NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign
May 22, 2025
The campaign was first spotted during a February 2025 MDR investigation. Since then, Rapid7 researchers have seen more samples using the same infection method—a multi-layered setup we call the Catena loader. Catena uses embedded shellcode and configuration switching logic to stage payloads like Winos v4.0 entirely in memory, evading traditional antivirus tools. Once installed, it quietly ...
- Europol and Microsoft disrupt world’s largest infostealer Lumma
May 21, 2025
Europol’s European Cybercrime Centre has worked with Microsoft to disrupt Lumma Stealer (“Lumma”), the world’s most significant infostealer threat. This joint operation targeted the sophisticated ecosystem that allowed criminals to exploit stolen information on a massive scale. Europol coordinated with law enforcement in Europe to ensure action was taken, leveraging intelligence provided by Microsoft. Between 16 ...
- Scattered Spider snared financial orgs before targeting shops in Britain, America
May 21, 2025
Scattered Spider snared financial services organizations in its web before its recent spate of retail attacks in the UK and US, according to Palo Alto Networks’ Unit 42. “We saw several instances in the financial services space, and now we’re starting to see instances in the retail-oriented, customer-facing space,” Unit 42 principal threat researcher Kristopher Russo ...