Microsoft spots XCSSET macOS malware variant used for crypto theft
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app.
Supply Chain Attack on Rspack npm Packages Injects Cryptojac...
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Info Stealing Packages Hidden in PyPI
An info-stealing PyPI malware author was identified discreetly uploading malicious packages.
Trojanized Free Download Manager found to contain a Linux backdoor
Kaspersky researchers analyzed a Linux backdoor disguised as Free Download Manager software that remained under the radar for at least three years.
PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers
Sonatype's malicious open source and malware detection systems found hundreds of malicious PyPI packages.