Two PyPI packages hid a Base64 downloader in a compressed Basque dictionary, delivering a Python RAT to ~1,000 users via updatenet.work (RouterHosting/Cloudzy). The ...

Code Roulette is a Terminal User Interface (TUI) based, online multiplayer, Russian Roulette game where the loser is forced to execute a Python payload of the winner's choice. Chat included. The ...

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.

An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...

A simple tool that takes a shell command and a target .py file, then writes a new copy of that file with the command hidden in the source using invisible Unicode characters. When the modified file ...

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into ...

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based ...

Sophisticated Python backdoor DEEP#DOOR steals cloud credentials via tunneling. The attack chain begins with a batch script that disables Windows security controls and dynamically extracts an embedded ...