Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
InfoWorld

Compiling exploit code: a network-security must

There are times when network security defenders need to compile exploit code. It is not unusual for more than a dozen new exploits against Windows and Linux machines to be released each day, and ...
Threat Post

FreakOut Botnet Turns DVRs Into Monero Cryptominers

The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems. Threat group FreakOut’s Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner.
Bleeping Computer

Telegram fixes Windows app zero-day used to launch Python scripts

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. Over the past few days, rumors have ...