Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
The Hacker News

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency ...

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that ...
IEEE

Malware Classification of Encrypted Network Traffic (2020–2025): A Comprehensive Review and Comparative Analysis

Abstract: With the near-ubiquitous adoption of QUIC/HTTP-3, TLS 1.3 and DNS-over-HTTPS (DoH), malware increasingly hides within Encrypted Network Traffic (ENT), challenging payload-centric intrusion ...
GitHub

Advanced Keylogger with Daily Log Rotation

A sophisticated, cross-platform keylogger written in Python with advanced features including AES-256 encryption, silent background operation, automatic startup/restart capabilities, and daily log ...