How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...
Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...
The Python-based information stealer SolyxImmortal uses legitimate APIs and libraries for stealthy data gathering and ...
New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations. Boto Cor-de-Rosa campaign tracks delivery success.
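[This article was published by Xiaoheihe author @周铁男是我 on January 17; please credit the source when reposting!] Today I read the Huorong team's "Silver Fox Backdoor: Analysis of Python Library Archive Tampering and Chrome Masquerading Attacks" and felt that it used a rather novel method, so I reproduced it and am sharing it here for everyone to learn together. Here I combine the fileless attack techniques that have emerged in recent years to implant a backdoor (a backdoor is like Doraemon's Anywhere Door, letting you come and go freely) ...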
SppExtComObj.exe is a legitimate part of Windows responsible for managing software activation, but it can sometimes cause errors. In this post, we are going to discuss this process and the errors ...
The Python Binary Optimization Compiler Script is a powerful command-line tool designed to provide performance optimization and code protection for Python scripts. It compiles Python code into native ...