The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Bleeping Computer

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix attack that tricked users into executing commands in Terminal. Script Editor ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
MacTech

ClickFix attack uses Script Editor instead of Terminal on macOS

Jamf Threat Labs has discovered a ClickFix-style macOS attack that abuses the applescript:// URL scheme to launch Script Editor and deliver an Atomic Stealer infostealer payload — bypassing Terminal ...
Indiatimes

Dhurandhar script replayed in Pakistan? Years after Bengaluru IISc attack, Amir Hamza bleeds in Lahore street ambush

The 2005 attack, planned to spread terror on an industrial scale in India’s tech hub, was deemed a failure by its perpetrators within Lashkar-e-Taiba’s ranks.The ...
Hosted on MSN

Donald Trump goes off-script and launches political attack in front of the King

Donald Trump strayed embarrassingly from his script during his state banquet speech, launching a political tirade in the presence of the King, which constitutes a significant breach of protocol. In ...