All news with #python tag

Python WhatsApp Worm Spreads Eternidade Stealer Across Brazil

📲 Trustwave SpiderLabs describes a Python-based WhatsApp worm that propagates a Delphi credential stealer named Eternidade Stealer across Brazilian devices. The campaign begins with an obfuscated Visual Basic Script dropper that installs both a Python WPPConnect-based propagator and an MSI/AutoIt installer which injects the stealer into svchost.exe. Operators use IMAP to fetch dynamic C2 addresses and apply Brazilian Portuguese geofencing to limit infections to the target region.

Cloudflare Introduces Python Workflows in Beta Release

🐍 Cloudflare has announced Python Workflows in beta, enabling developers to orchestrate multi-step, durable applications on Workers using Python. The feature aims for feature parity with the existing JavaScript SDK while adapting APIs to Pythonic idioms—using decorators for step callbacks and snake_case naming for method calls. Under the hood it leverages Pyodide and CPython in the runtime, exposes WorkflowStep as an RPC-backed JsProxy for at-most-once durable execution, and supports DAG-style concurrency via asyncio.gather. Targeted use cases include data pipelines, ML/LLM training loops, and autonomous agents where step-level retries, state persistence, and explicit wait points simplify orchestration.

Python Foundation Rejects $1.5M NSF Grant Over DEI Terms

🛡️ The Python Software Foundation (PSF) withdrew a $1.5 million proposal to the U.S. National Science Foundation after the approved award included conditions that would bar all PSF programs from activities that 'advance or promote diversity, equity, and inclusion.' The funding, under NSF’s Safety, Security, and Privacy of Open Source Ecosystems program, was intended to support automated malware-detection tools for PyPI and to be ported to other package ecosystems. PSF leaders said DEI is central to their mission, creating an unacceptable conflict that led the board to unanimously decline the grant and ask the community for donations and membership support.

Malicious PyPI soopsocks package abused to install backdoor

⚠️ Cybersecurity researchers flagged a malicious PyPI package named soopsocks that claimed to provide a SOCKS5 proxy while delivering stealthy backdoor functionality on Windows. The package, uploaded by user 'soodalpie' on September 26, 2025, had 2,653 downloads before removal and used VBScript or an executable (_AUTORUN.VBS/_AUTORUN.EXE) to bootstrap additional payloads. Analysts at JFrog reported the executable is a compiled Go binary that runs PowerShell, adjusts firewall rules, elevates privileges, performs reconnaissance and exfiltrates data to a hard-coded Discord webhook.