Deep#Door Python Backdoor Evades Detection On Windows
Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials
Python is a programming language whose libraries, runtimes, and dependencies can introduce vulnerabilities into software and security tooling.
Search across headline titles and summaries.
Background for this topic.
Python is a high-level, general-purpose programming language used for applications, automation, data processing, and security tooling. Its reference implementation, CPython, includes a standard library, while third-party packages extend the language for web services, networking, and system administration. Python’s broad deployment means vulnerabilities can affect both the interpreter and widely used libraries.
Security concerns include flaws in Python or dependencies, malicious or compromised packages introduced through typosquatting or dependency confusion, and unsafe application behavior. For example, deserializing untrusted data with pickle, evaluating untrusted expressions with eval, or constructing shell commands from unchecked input can enable code execution. Practitioners should inventory transitive dependencies, pin and review versions, use trusted package sources and integrity checks, apply security updates, and run services with least privilege. Python is also commonly used to automate scanning, analysis, and response, so those scripts require the same access control, code review, and secret-handling discipline as other production software.
Weekly headline count for the current query.
Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Sophisticated Python malware uncovered in fraud probe shows obfuscation, disposable infrastructure
A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal data
A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware
3 critical zero-day flaws in PickleScan, affecting Python and PyTorch, allowed undetected attacks
The Confucius cyber-espionage group has shifted its tactics from document-focused stealers to Python-based backdoors like AnonDoor
Vietnamese phishing campaign evolves from Python infostealer to PureRAT trojan
Python-based PXA Stealer has stolen data from more than 4000 victims in over 62 countries, according to SentinalLabs
Banana Squad exploited GitHub to distribute malicious Python code disguised as legitimate tools
Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites
Revival Hijack Python Package Index supply chain attack threatens 22,000 packages through malicious downloads
CPR said exploit builders in .NET and Python have been employed to deploy this malware
Discovered by the SentinelLabs team, FBot targets web servers, cloud services and SaaS platforms
Nitrogen serves as initial-access malware, using obfuscated Python libraries for stealth
2922 projects contained at least one unique secret, including from AWS, Redis and Google
Cado Security Labs said the bot agent exhibited various methods for conducting DDoS attacks
ReversingLabs uncovered three additional malevolent packages believed to be part of the campaign
ReversingLabs said the attackers displayed a sophisticated approach and techniques
Python script could minimize risk until a formal solution is developed