80 matches found
Google Chrome AI extensions deliver info-stealing malware in broad attack
Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence AI tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate...
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion By Ale Houspanossian · June 17, 2024 Case Summary It was a quiet Monday morning in March 2024 when the EDR researchers with our Trellix Advanced Research Center identifi...
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to "hands-on-keyboard activity by ransomware operator Storm-0216 Twisted Spider, UNC2198, culminating in the deployment of...
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
A malicious Python package on the Python Package Index PyPI repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and...
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
A malicious Python package on the Python Package Index PyPI repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and...
Malicious code in tphydratoolsplit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0b83ac2b575decdf8cd7ea3be0d7a2c8073ceb3b113d3a756fcb0b189605a718 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3260 Malicious code in esqpullcraftlgtb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 56855a5ba83eb08fd0c7aa4cb319b3460f2ae497bba68814ec35776030a13893 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-7510 Malicious code in tpramtoolpong (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ae3e26b44442d54fb2306da89fdbf61bff82609d4d25f7be123ffdbfb71beb2b EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-4209 Malicious code in libmasklibosint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e6586d0282936e32973f50873abfeb547f6f380031dfcb9c9f7e3b5a5baa3036 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3017 Malicious code in esqintstringcraft (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 2537920b8966f9205f5f37e04e5165e06a48e852fe593c32afa766aa4e18e3d3 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3423 Malicious code in esqstringpingcraft (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 81cca61a0baab7dba03f486c699fb68b3262202073e99ed34927a17e094d1677 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3967 Malicious code in libedencodemine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 16de049b5727532206c0ad13d34b3786641d2e891a12a07729a1f3652e78e6c5 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in esqgamegrandmc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 20a814115976921535940566feabff918f934dba1dd721c8d4729f7b0da4c0c5 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-6471 Malicious code in selfpostguihttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx f52d4f7c43243f0eb7d84335dabadf9d4240cafbd0f98adeb086263ce3360a4f EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in py-stringpingpost (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1798675fecb1b20899347f9a69355135079b71926e17c334c6015a37a7140526 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in libedramlgtb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5cb4973f227b6698929405f42ee7441e6c24a1761746b25b2cbfb125311be35f EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in libvirtuallgtbcontrol (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1d68e8932721d778eef87509fc53906a6b275a6c7527117e118d34c03a6ecacb EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-4079 Malicious code in libhydracandymask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1650af36a03ee160bcd7835412f84b54932cf508896c26b7d7356de1f0f7b079 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-4607 Malicious code in libverhackedhacked (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx fff3c918183b7b83234be4059b10a657ad7ccf188a4354f328e49eb9f120d34c EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in py-studypongvisa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9800b47bf619ef47f338ec281169f83ccef396845935ed71a1b447eab77c95d6 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...