The Banshee info-stealing malware has been upgraded and, for the last four months, has been targeting the browser credentials, cryptocurrency wallets, and passwords of macOS users. Primarily distributed through malicious uploads on GitHub, Banshee often poses as the Telegram messaging app or the Google Chrome browser to deceive users. The malware leverages a string encryption algorithm from Apple’s XProtect to stay undetected, and top antivirus firms have only recently understood its workings.
GuidePoint warns of Python backdoor used in ransomware
GuidePoint Security identified a threat actor using a Python-based backdoor to persistently access breached endpoints and release RansomHub encryptors across compromised networks. The backdoor was