Cybersecurity company Outpost24 AB has warned of a new version of notorious malware, LummaC2 v4.0, which uses advanced anti-detection techniques. The malware, designed to covertly extract sensitive data, now delays activation until it detects genuine human mouse activity, making analysis difficult for cybersecurity researchers. Other new features include Control Flow Flattening Obfuscation, XOR encryption, dynamic configuration files, and the mandatory use of crypters for malware builds.
Trojanized PyPI AI Proxy Steals Claude Prompt, Exfiltrates Data
A malicious PyPI package, hermes-px, that masquerades as a “Secure AI Inference Proxy” while secretly stealing user prompts and abusing a private university AI service.
