Critical Backdoor Found in XZ Utils (CVE-2024-3094) Enables SSH Compromise
The Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. The post Critical Backdoor Found in XZ Utils (CVE-2024-3094) Enables SSH Compromise appeared first on Mend ... Read More
Over 100 Malicious Packages Target Popular ML PyPi Libraries
The Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. The post Over 100 Malicious Packages Target Popular ML PyPi Libraries appeared first on Mend ... Read More
There’s a New Stealer Variant in Town, and It’s Using Electron to Stay Fully Undetected
See the attack flow of this new info-stealer Mend.io detected and how it can stay undetected by abusing trusted development tools like Electron. The post There’s a New Stealer Variant in Town, and It’s Using Electron to Stay Fully Undetected appeared first on Mend ... Read More