Malicious Python Package “Fabrice” Steals AWS Credentials via 37,000+ Downloads
Nov 7, 2024 | A malicious Python package called “Fabrice” was typosquatting the popular Fabric SSH automation library, exfiltrating AWS credentials from unsuspecting developers. With over 37,000 downloads on PyPI since 2021, the package used encoded payloads and a VPN-based proxy server to covertly steal data.
Black Lotus, Emotet, Beep, and Dark Pink: Top Malware Threats of 2024
Oct 15, 2024 | As 2024 closes, malware like Black Lotus, Emotet, Beep, and Dark Pink continue to evolve, exploiting systems and evading detection.
CISA Adds Mitel, Oracle, flaws to the KEV list
January 10, 2025 | CISA has updated its Known Exploited Vulnerabilities (KEV) catalog with critical flaws in Mitel’s MiCollab platform and a five-year-old Orac
Iranian "Dream Job" Campaign Targets Aerospace Sector
Nov 15, 2024 | Iranian threat group TA455 is using fake job offers to infiltrate the aerospace industry, according to ClearSky Cyber Security.