Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Any development environment that installed or imported one of the 172 compromised npm or PyPI packages published since May 11 should be treated as potentially compromised. On affected developer ...
pydecipher is a Python package to unpack/unfreeze and analyze frozen Python artifacts with the ultimate goal of producing the artifact's underlying, high-level, Python source code. pydecipher can be ...
Bitdefender researchers have discovered a surge in LummaStealer activity, showing how one of the world's most prolific information-stealing malware operations managed to survive despite being almost ...
An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
⚠️ de4py is FREE & OPEN SOURCE (CC BY-NC 4.0). Any paid versions sold elsewhere or commercial use are NOT permitted. If you paid for de4py, you were misled. De4py is an advanced Python deobfuscator ...
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. ACTINIUM is now tracked as Aqua Blizzard and DEV-0586 is now ...