Malicious Python packages Zebo-0.1.0 and Cometlogger-0.1 have been discovered on PyPI. The packages can steal user data via keylogging, screenshot capturing, and data exfiltration. They establish long-term control through startup scripts and evade detection through advanced obfuscation methods. These threats pose significant security risks to developers and platforms dependent on PyPI.
Criminals Leveraging AI Tools to Rewrite and Obfuscate Malware, Evading Detection
Large language models (LLMs) are being used to generate sophisticated variants of malicious JavaScript, bypassing detection systems, says a Palo Alto Networks report. Despite struggling