Threat Research
How DataDome Protected a Major Asian Gaming Platform from a 3-Week, Distributed Credential Stuffing Attack
A major Asian gaming platform recently faced a 3-week distributed credential stuffing attack. Learn how DataDome stopped the attack in its tracks, keeping the customer and their users safe ...
BIPClip: Malicious PyPI packages target crypto wallet recovery passwords
ReversingLabs has identified a new, malicious campaign consisting of seven different open source packages with 19 different versions on the Python Package Index (PyPI), with the oldest package dating back to December, ...
How DataDome’s Anti-DDoS Mode Protected a Leading US News Website
A leading US news website recently faced a layer 7 DDoS attack. Learn how DataDome's anti-DDoS mode stopped the attack in its tracks, keeping the customer safe ...
Meet Silver SAML: Golden SAML in the Cloud
Key findings: Golden SAML is a known attack technique discovered by CyberArk and published by Shaked Reiner. For years, Golden SAML has been known for its extraction of signing certificates...
Attackers leverage PyPI to sideload malicious DLLs
ReversingLabs researchers have observed a clear trend in which open-source platforms and code have become the stage for a growing and diverse range of malicious activity and campaigns. This trend includes hosting ...
Python’s Colorama Typosquatting Meets ‘Fade Stealer’ Malware
As our hunt against malicious Python packages continues, Imperva Threat Research recently discovered an attempt to masquerade Fade Stealer malware as a nondescript package, Colorama. Why Colorama? Colorama is a package used ...
The Art of Bot Detection: How DataDome Uses Picasso for Device Class Fingerprinting
Learn how DataDome uses Picasso for device class fingerprinting, which can aid in detecting sophisticated bots lying about their environments ...
Malicious PDFs, deepfakes, and romance scams were just some of the 10 billion cyber attacks we saw last year
If you've been hoping that cyber attacks were on the decline, brace yourself for a reality check: 2023 was an unprecedented year in cyber threats. We witnessed more than 10 billion attacks ...
GitGot: GitHub leveraged by cybercriminals to store stolen data
ReversingLabs researchers have discovered two malicious packages on the npm open source package manager that leverage GitHub to store stolen Base64-encrypted SSH keys lifted from developer systems that installed the malicious npm ...
Python’s Poisoned Package: Another ‘Blank Grabber’ Malware in PyPI
Python Package Index (PyPI) is a platform that offers an extensive range of packages to simplify and enhance the development process. Malicious actors regularly upload phishing packages in the platform’s repository aimed ...