Dark Reading

Malicious Python Trojan Impersonates SentinelOne Security Client

In the latest supply chain attack, an unknown threat actor has created a malicious Python package that appears to be a software development kit (SDK) for a well-known security client from SentinelOne.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and abused open-source tools.
ExtremeTech

Fake Job Interviews Trick Developers Into Installing Python Trojan

No one loves being asked mid-interview to prove their chops with a short assignment: The pressure's on, the stakes are high, and the interviewer is watching you like a hawk. But according to security ...
Bleeping Computer

Fake job interviews target developers with new Python backdoor

A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). The developers are ...