While patches have been released for some implementations, several projects using Kyber, including Signal, remain unpatched, and the impact of KyberSlash on users’ communications is still unclear.
ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually delivers a custom backdoor. In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, […]