ALL POSTS

Key Findings: Microsoft warns that info-stealing attacks are "rapidly expanding" beyond Windows to target Apple macOS environments. Attackers are leveraging cross-platform languages like Python and abusing trusted platforms to distribute infostealer malware at scale. Background Since late 2025, Microsoft has observed macOS-targeted infostealer campaigns using social engineering techniques such as ClickFix-style prompts and malicious DMG installers. These campaigns deploy macO

Key Findings A critical vulnerability (CVE-2025-56005) with a CVSS score of 9.8 has been discovered in the PLY (Python Lex-Yacc) library, a popular parsing library used in the Python community. The vulnerability allows Remote Code Execution (RCE) and stems from an undocumented "picklefile" parameter in the `yacc()` function. The issue is caused by the unsafe deserialization of untrusted data using Python's `pickle.load()` method. The project's maintainer, David Beazley, has a

Key Findings VVS Stealer is a Python-based malware that steals Discord credentials and tokens It has been sold on Telegram since at least April 2025 The malware uses the source code obfuscator Pyarmor to heavily obfuscate its Python code, hindering analysis and detection Background VVS Stealer is marketed on Telegram as the "ultimate stealer" and is sold via subscriptions or licenses, starting at €10 per week up to €199 for lifetime access The malware can steal Discord data,