The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...

Turkish authorities reportedly seize gold Hebrew manuscript inscribed on python skin

The Hebrew manuscript inscribed in gold on python skin, displayed alongside its copper casing, at the Gaziantep Provincial ...

Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

"Copy Fail": Linux root in all major distributions with 732 bytes of Python

The discoverers have named the root vulnerability "Copy Fail". All major distributions since 2017 are affected.
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

"Copy Fail" is a rare Linux bug that can turn an unprivileged user into a root admin in seconds

Copy Fail could represent a significant security risk in the making. The vulnerability was discovered by researchers at ...
Hosted on MSN

Master Python debugging like a pro

Debugging in Python can transform from a dreaded task into a powerful way to understand and improve your code. With tools like PyCharm’s visual debugger, pdb’s command-line control, and structured ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

Gurgaon techie with Rs 13 LPA salary asks side hustle advice from AI amid layoff fears. ChatGPT suggests 3 options and 30-day plan

A Gurugram-based software engineer earning Rs 13 LPA, worried about possible layoffs amid rising AI adoption, sought advice ...
CSO Online

‘Trivial’ exploit can give attackers root access to Linux kernel

Experts say until the distros release patches, CSOs have to beware of unauthorized privilege escalation; Kubernetes container ...