Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Dark Reading

Malicious Python Trojan Impersonates SentinelOne Security Client

In the latest supply chain attack, an unknown threat actor has created a malicious Python package that appears to be a software development kit (SDK) for a well-known security client from SentinelOne.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
ExtremeTech

Fake Job Interviews Trick Developers Into Installing Python Trojan

No one loves being asked mid-interview to prove their chops with a short assignment: The pressure's on, the stakes are high, and the interviewer is watching you like a hawk. But according to security ...
Bleeping Computer

Fake job interviews target developers with new Python backdoor

A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). The developers are ...
ITWeb

Multi-platform Trojan hits the Middle East

New versions of Milum, a malicious Trojan, have been discovered by Kaspersky. The Trojan is used by WildPressure, an advanced persistent threat (APT) actor, that has been active in the Middle East ...