PYSEC-2026-207 durabletask 1.4.1, 1.4.2, and 1.4.3 contain malicious code distributed via a compromised maintainer account

durabletask versions 1.4.1, 1.4.2, and 1.4.3 were published on 2026-05-19 within a 35-minute window through a compromised PyPI maintainer account and contained malicious code. On import, the package fetched a remote payload rope.pyz from an attacker-controlled host and executed it. The payload wa...

durabletask 1.4.1, 1.4.2, and 1.4.3 contain malicious code distributed via a compromised maintainer account

durabletask versions 1.4.1, 1.4.2, and 1.4.3 were published on 2026-05-19 within a35-minute window through a compromised PyPI maintainer account and containedmalicious code.On import, the package fetched a remote payload rope.pyz from anattacker-controlled host and executed it.The payload was a...

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper , the novel file wiper has been used in a destructive campaign targeting the energy and utilities sect...

Turns Out New Petya is Not a Ransomware, It’s a Destructive Wiper Malware

What if I say the Tuesday's devastating global malware outbreak was not due to any ransomware infection? Yes, the Petya ransomware attacks that began infecting computers in several countries, including Russia, Ukraine, France, India and the United States on Tuesday and demands $300 ransom was not...

Tools Used by Lamberts APT Found in Vault 7 Dumps

Links have emerged connecting targeted attacks going back a decade against high-profile government, industrial and financial targets around the world to hacking tools and documents leaked in the Vault 7 dump. Researchers at Kaspersky Lab today published a technical report on the activities of a...