Malicious code in nwin32tls (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a47778618cad57dbc584afdff7ed138032b69c423a9812e1bc8f86c13129f01d Importing the module starts a loop that listens to key strokes and on every capslock press exfiltrates screenshot to a hardcoded location. --- Category:...

FBI Warns of Iran’s Handala Hack Group Using Fake Apps to Spy on Windows Users

The FBI has issued a warning about Iran-linked Handala Hack Group, targeting Windows users through fake versions of WhatsApp and Telegram...

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report fro...

Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms

Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France CERT-FR. The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county...

Israeli Spyware Firm Paragon Linked to WhatsApp Zero-Click Attack

WhatsApp recently revealed a targeted spyware campaign linked to the Israeli firm Paragon, which affected 90 individuals, including…...

Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature

The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginnin...

MAL-2023-3183 Malicious code in esqpeppost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e49d077567a7e5f41d020d46952690f8da96207e8cc5d16a4dba900190e2ee96 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Spyware Blitzes Compromise, Cannibalize ICS Networks

Attackers are targeting industrial enterprises with spyware campaigns that hunt for corporate credentials so they can be used both for financial gain and to cannibalize compromised networks to propagate future attacks, researchers have found. The campaigns use off-the-shelf spyware but are unique...

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

Researchers have tracked new spyware – dubbed “PseudoManuscrypt” because it’s similar to “Manuscrypt” malware from the Lazarus advanced persistent threat APT group – that’s attempted to scribble itself across more than 35,000 targeted computers in 195 countries. Kaspersky researchers said in a...