"New PondRAT Malware Hidden in Python Packages Targets Software Developers"
North Korea-linked threat actors are using poisoned Python packages to spread "PondRAT" malware as part of an ongoing campaign. Palo Alto Networks' Unit 42 found that PondRAT is a lighter version of "POOLRAT," also known as "SIMPLESEA," a macOS backdoor previously used by the "Lazarus Group" in attacks related to the 3CX supply chain compromise last year. This article continues to discuss findings regarding the new PondRAT malware.
THN reports "New PondRAT Malware Hidden in Python Packages Targets Software Developers"
Submitted by grigby1
Submitted by Gregory Rigby
on