The Hacker News

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

VVS Stealer is a Python-based malware sold on Telegram that steals Discord tokens, browser data, and credentials using heavy ...

Astaroth banking malware returns with WhatsApp-based worm targeting Brazil

Dubbed “Boto-Cor-de-Rosa,” the new campaign includes the addition of a WhatsApp web-based worm that allows the malware to spread itself by using a victim’s WhatsApp contacts versus previous Astaroth ...
CSO Online

MacSync Stealer malware bypasses macOS Gatekeeper security warnings

MacSync Stealer, by contrast, is downloaded from an ordinary-looking utility URL as a code-signed and notarized Swift application. Once the user initiates installation, the dropper retrieves its ...
The Hacker News

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
Hosted on MSN

Python Package Index Responds to Malware Attack by Invalidating Tokens

The Python Package Index (PyPI), run by the Python Software Foundation, has officially invalidated all the publishing tokens that were stolen in the GhostAction supply chain attack that happened ...
Hosted on MSN

I turned a USB stick into my personal security toolkit — and it cost nothing

You may assume a USB stick is merely for storage, but it can be more than that. You can turn it into a portable security environment that's totally under your control. It can be a device you plug into ...