"Labyrinth Chollima Using Poisoned Python Packages to Deliver PondRAT" published by PolySwarm. #LabyrinthChollima, #PondRAT, #POOLRAT, #PyPI, #DPRK, #CTI https://blog.polyswarm.io/labyrinth-chollima-using-poisoned-python-packages-to-deliver-pondrat
Labyrinth Chollima Using Poisoned Python Packages to Deliver PondRAT

The North Korea-nexus threat actor group Labyrinth Chollima was observed using poisoned Python packages to deliver PondRAT, a backdoor that targets macOS and Linux systems.

Our investigation into malware #POOLRAT and a new variant PondRAT uncovers a scheme by Gleaming Pisces (aka #CitrineSleet) where Python packages distributed malware via PyPI. Analysis of these backdoors sheds light on tactics of a DPRK-based threat group. https://bit.ly/3zw3Vzi
Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

We track a campaign by Gleaming Pisces (Citrine Sleet) delivering Linux or macOS backdoors via Python packages, aiming to infiltrate supply chain vendors.

Unit 42
Threat Assessment: North Korean Threat Groups

Explore Unit 42's review of North Korean APT groups and their impact, detailing the top 10 malware and tools we've seen from these threat actors.

Unit 42