#oceanlotus — Public Fediverse posts

OceanLotus Exploits PyPI to Deliver ZiChatBot Malware

Kaspersky's analysis uncovered a sneaky malware attack on PyPI, where OceanLotus hackers uploaded fake packages that looked like harmless libraries, tricking users into installing the ZiChatBot malware. The malicious packages, uploaded in July 2025, masqueraded as legitimate tools like uuid32-utils, colorinal, and termncolor.

https://osintsights.com/oceanlotus-exploits-pypi-to-deliver-zichatbot-malware?utm_source=mastodon&utm_medium=social

#Oceanlotus #Pypi #ZichatbotMalware #MalwareOperations #EmergingThreats

via: @campuscodi

QiAnXin published a report on the recent attacks of #OceanLotus (#APT32) that targeted Chinese organizations throughout 2021.

The group allegedly used 3 zero-day #vulns:

+1 in an unnamed antivirus product
+2 in an unnamed workstation management system. More here (in Chinese): https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ | #infosec #espionage #malware

via: @campuscodi

QiAnXin published a report on the recent attacks of #OceanLotus (#APT32) that targeted Chinese organizations throughout 2021.

The group allegedly used 3 zero-day #vulns:

+1 in an unnamed antivirus product
+2 in an unnamed workstation management system. More here (in Chinese): https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ | #infosec #espionage #malware

via: @campuscodi

QiAnXin published a report on the recent attacks of #OceanLotus (#APT32) that targeted Chinese organizations throughout 2021.

The group allegedly used 3 zero-day #vulns:

+1 in an unnamed antivirus product
+2 in an unnamed workstation management system. More here (in Chinese): https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ | #infosec #espionage #malware

Вьетнамская APT-группа наряду с кибершпионскими операциями занялась майнингом #Вьетнам, #майнинг, #APT, #OceanLotus, #Microsoft https://www.securitylab.ru/news/514469.php https://twitter.com/SecurityLabnews/status/1333711194872553472/photo/1