Malicious Blender model files deliver StealC infostealing malware

A Russian-linked campaign delivers the StealC V2 information stealer malware through malicious Blender files uploaded to 3D ...
Dark Reading

Slow Retreat from Python 2 Threatens Code Security

At least one in 10 Python developers and data scientists continue to use the legacy version of the popular programming language as their primary development tool, despite a looming deadline of Jan. 1, ...
Dark Reading

Python-Based Malware Slithers Into Systems via Legit VS Code

A known Chinese advanced persistent threat (APT) group known as Mustang Panda is the likely culprit behind a sophisticated, ongoing cyber-espionage campaign. It starts with a malicious email, and ...
Bleeping Computer

Python info-stealing malware uses Unicode to evade detection

A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...
WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
ZDNet

Google open-sources Atheris, a tool for finding security bugs in Python code

Google's security experts have open-sourced another automated fuzzing utility in the hopes that developers will use it to find security bugs and patch vulnerabilities before they are exploited. Named ...
ZDNet

UK cybersecurity agency warns devs to drop Python 2 due to looming EOL & security risks

The UK's cyber-security agency warned today developers to consider moving Python 2.x codebases to the newer 3.x branch due to the looming end-of-life (EOL) of the Python 2, scheduled for January 1, ...