PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...
SecurityWeek

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

The China-linked APT GopherWhisper has been using legitimate services and various Go-based backdoors in attacks.
WeLiveSecurity

GopherWhisper: A burrow full of malware

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...
Hackaday

How Anthropic’s Model Context Protocol Allows For Easy Remote Execution

AI’ into more and more places, Anthropic’s Model Context Protocol (MCP) has been adopted as the standard to connect LLMs ...