Cybersecurity researchers have discovered malicious libraries on the Python Package Index (PyPI) repository that aim to steal sensitive information. The packages bitcoinlibdbfix and bitcoinlib-dev pretend to be fixes for issues in a legitimate Python module called bitcoinlib, while the disgrasya package contains an automated carding script targeting WooCommerce stores. The counterfeit libraries managed to attract hundreds of downloads before removal. They replace a legitimate command with malicious code that attempts to extract sensitive database files.
Shuckworm Group Uses PowerShell Based GammaSteel Malware in Targeted Attacks
Russia-linked espionage group Shuckworm is targeting a Western military mission in Ukraine using more complex malware tools. The group is shifting towards PowerShell-based tools for
