W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack

An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. “The threat actor is still active and is releasing more malicious packages,” Checkmarx researcher Jossef Harush said in a technical write-up, calling the adversary WASP. “The attack seems related to…

Twitter Locks Its Office Doors and Suspends Badge Access On Fears of Employee Sabotage

Opinions expressed by Entrepreneur contributors are their own. On the heels of news that Twitter employees are exiting in response to Elon Musk‘s ultimatum that they either commit to working “hardcore” to build Twitter 2.0 or leave, Platformer is reporting that the social media giant’s “office buildings are temporarily closed, and badge access is suspended.”…

Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign

A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019. The threat actor, dubbed Fangxiao by Cyjax, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017. “It targets businesses in multiple verticals including…