Ax Sharma

Ax is a Security Researcher at Sonatype and Engineer who holds a passion for perpetual learning. His works and expert analyses have frequently been featured by leading media outlets. Ax's expertise lies in security vulnerability research, reverse engineering, and software development. In his spare time, he loves exploiting vulnerabilities ethically and educating a wide range of audiences.

New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux

By Ax Sharma on May 20, 2022 vulnerabilities

5 minute read time

The 'pymafka' PyPI package is filled with trojans targeting Windows, macOS & Linux users and appears to typosquat the popular PyKafka.

This Week in Malware — Malicious Rust crate, 'colors' typosquats

By Ax Sharma on May 14, 2022 vulnerabilities

5 minute read time

From a malicious Rust typosquat found in the crates[.

This Week in Malware — Apache Kafka typosquats, shorthand data exfiltration

By Ax Sharma on May 06, 2022 vulnerabilities

4 minute read time

This Week In Malware—May 6th edition: Apache Kafka typosquat, and a simple distraction technique.

npm package downloads another package while exfiltrating your IP address and username

By Ax Sharma on May 06, 2022 vulnerabilities

4 minute read time

On any given day we analyze hundreds of suspicious npm and PyPI packages, but this one stood out to us. An npm package that downloads another empty npm package?

Malicious npm 'colors' typosquats pack Discord malware

By Ax Sharma on May 03, 2022 vulnerabilities

5 minute read time

Sonatype has caught newer typosquats of the popular 'colors' npm library that contain Discord info-stealing malware.

This Week in Malware — npm backdoors, bugs, 'mystery placeholders'

By Ax Sharma on April 29, 2022 vulnerabilities

6 minute read time

This Week in Malware we discuss malicious packages with backdoors and hidden Discord stealers, a serious npm bug that allowed for maintainer tampering, and.

This Week in Malware — Malicious 'Distutil' and Spring4Shell active exploitation

By Ax Sharma on April 22, 2022 github

7 minute read time

A malicious 'Distutil' PyPI package, active Spring4Shell exploitation by attackers deploying cryptominers, an open source tool that enabled users to add Google.

This Week in Malware - Special edition on protestware and a Struts RCE deja vu

By Ax Sharma on April 15, 2022 vulnerabilities

4 minute read time

In a special edition of This Week in Malware, we change focus and look at protestware and the tale of a two-year-old Struts bug that's returned.

This Week in Malware — VMware, secrets, and security by obscurity

By Ax Sharma on April 08, 2022 vulnerabilities

2 minute read time

This week in malware digest for 8th April 2022: VMware dependency confusion attempt and the importance of secrets management.