A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised ...

Attackers are increasingly changing up the techniques used to obfuscate what their software is doing, with one group hiding parts of their code using a variety of techniques swapped out every 37 days ...

In the new cryptomining module we discovered and described in our previous article, the cybercriminals behind the Stantinko botnet introduced several obfuscation techniques, some of which have not yet ...

Open source packages downloaded an estimated 30,000 times from the PyPI open source repository contained malicious code that surreptitiously stole credit card data and login credentials and injected ...

Reverse engineering and tampering attacks threaten every mobile app, yet many apps apply basic code hardening techniques (or none at all!) to defend against these attempts. In fact, research has shown ...

With malware now so common and successful cyberattacks offering potentially high -- albeit criminal -- returns, there is little need for garden-variety hackers to learn how to develop exotic, custom ...

Last month, my colleague Sébastien Duquette detailed the home campaign, a long-lasting operation consisting of compromised web servers running a malicious Apache module named Darkleech (detected by ...

I am the founder and CEO of Apriorit, a software development company that provides engineering services globally to tech companies. Nowadays, cyber attackers are armed with an impressive range of ...

SQL injection attacks already stand as one of the most effective means hackers use to break into enterprise database infrastructures today. Now the attack could get a boost in effectiveness when a ...