Sources
Loading...
Additional media
Loading...
DeepNewz, mobile.
People-sourced. AI-powered. Unbiased News.
Security researchers have discovered a malicious PyPI package named 'requests-darwin-lite' masquerading as a fork of the 'requests' library. The package contains the Golang-based Sliver C2 framework hidden in a PNG image. This backdoor was uncovered by researchers at Tidelift. In a separate incident, hackers targeted PyPI with a malicious Go binary hidden in an image. Additionally, critical vulnerabilities in the Cacti network monitoring tool have been exposed, urging users to update to version 1.2.27 to mitigate risks.
Malicious PyPi Requests Fork Hides Backdoor In PNG File https://t.co/f7rA2Bjhqs
Cyberattackers are exploiting CVE-2023-7028 to take over and lock users out of #GitLab accounts, steal source code, and more. But there are publicly available exploits for the bug🐞, so defenders shouldn't sit on this one, advises @sml555_ in @DarkReading https://t.co/XllahdnH6l
Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code: https://t.co/rBa5dR0aUC by The Hacker News #infosec #cybersecurity #technology #news