InfoWorld

Compiling exploit code: a network-security must

There are times when network security defenders need to compile exploit code. It is not unusual for more than a dozen new exploits against Windows and Linux machines to be released each day, and ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
InfoWorld

Air-gapped Python: Setting up Python without a net(work)

Installing Python and related applications on a system without a network connection isn’t easy, but you can do it. Here’s how. The vast majority of modern software development revolves around one big ...
Threat Post

FreakOut Botnet Turns DVRs Into Monero Cryptominers

The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems. Threat group FreakOut’s Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner.
Bleeping Computer

Hackers exploit Aiohttp bug to find vulnerable networks

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library. Aiohttp is an open-source ...
Bleeping Computer

Telegram fixes Windows app zero-day used to launch Python scripts

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. Over the past few days, rumors have ...