all InfoSec news
Python Packages Leverage GitHub to Deploy Fileless Malware
Malware Analysis, News and Indicators - Latest topics malware.news
In early December, a number of malicious Python packages captured our attention, not just because of their malicious nature, but for the cleverness of their deployment strategy.
The threat actors behind these packages deviated from conventional tactics, introducing a nuanced twist in their approach. The first notable tactic was the exploitation of GitHub, a platform synonymous with trust and reliability within the developer community, to disseminate their malicious code. The packages themselves were mere vessels; the actual malicious content was …
attention december deploy deployment exploitation fileless fileless malware github malicious malware nature packages python python packages strategy tactic tactics threat threat actors