Bleeping Computer

Ransomware gang encrypts VMware ESXi servers with Python script

Operators of an unknown ransomware gang are using a Python script to encrypt virtual machines hosted on VMware ESXi servers. While the Python programming language is not commonly used in ransomware ...
Threat Post

VMware ESXi Servers Encrypted by Lightning-Fast Python Script

The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption. Researchers have discovered a new Python ...
Bleeping Computer

Hackers exploit Aiohttp bug to find vulnerable networks

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library. Aiohttp is an open-source ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Computer Weekly

New Python-based ransomware attacks unfold in record time

Threat researchers at Sophos have identified a new strain of unusually fast-acting ransomware written in the Python programming language that has targeted VMware ESXi servers and virtual machines (VMs ...

Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs

A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that ...
Hackaday

This Week In Security: Echospoofing, Ransomware Records, And Github Attestations

It’s a bit of bitter irony, when a security product gets used maliciously, to pull off the exact attack it was designed to prevent. Enter Proofpoint, and the EchoSpoofing attack. Proofpoint offers an ...