Malicious .NET files conceal RATs in bitmap images – Go Health Pro

Malicious .NET files conceal RATs in bitmap images – Go Health Pro

Attackers leveraged .NET assemblies with bitmap resources to conceal remote access trojans (RATs) in a recent malspam campaign, Palo Alto Networks’ Unit 42 reported Friday.  Unit 42 researchers discovered RATs, including Agent Tesla and Remcos RAT, as well as the XLoader infostealer, hidden in otherwise benign 32-bit .NET files distributed via email and labeled as … Read more

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack – Go Health Pro

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack – Go Health Pro

May 03, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable. The names of the packages are listed below – github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp github[.]com/steelpoor/tlsproxy “Despite appearing legitimate, these modules contained … Read more

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data – Go Health Pro

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data – Go Health Pro

Apr 05, 2025Ravie LakshmananMalware / Supply Chain Attack Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package … Read more

Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages – Go Health Pro

Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages – Go Health Pro

Mar 20, 2025Ravie LakshmananCybercrime / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the defense sectors with Dark Crystal RAT (aka DCRat). The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual representatives of the … Read more

Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal – Go Health Pro

Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal – Go Health Pro

Mar 15, 2025Ravie Lakshmanan Malware / Supply Chain Security Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as “time” related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it … Read more