May 13, 2024, 6:18 a.m. | (The Hacker News)

The Hacker News

Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project's logo. 
The package employing this steganographic trickery is requests-darwin-lite, which has been

c2 framework command control cybersecurity fake found framework golang image library logo malicious package png popular project python python package requests researchers sliver version

Sr. Product Manager

@ MixMode | Remote, US

Information Security Engineers

@ D. E. Shaw Research | New York City

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Information Security (Network) Consultant

@ Xcellink Pte Ltd | Singapore, Singapore, Singapore

Information Security Management System Manager

@ Babcock | Bristol, GB, BS3 2HQ