logo
episode-header-image
Jan 2025
24m 2s

Crypto client or cyber trap? [Research S...

N2K Networks
About this episode

Karlo Zanki, Reverse Engineer at ReversingLabs, discussing their work on "Malicious PyPI crypto pay package aiocpa implants infostealer code." ReversingLabs' machine learning-based threat hunting system identified a malicious PyPI package, aiocpa, designed to exfiltrate cryptocurrency wallet information.

Unlike typical attacks involving typosquatting, the attackers published a seemingly legitimate crypto client tool to build trust before introducing malicious updates. ReversingLabs used its Spectra Assure platform to detect behavioral anomalies and worked with PyPI to remove the package, highlighting the growing need for advanced supply chain security tools to counter increasingly sophisticated threats.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next
Today
When the breachers get breached.
International law enforcement take down the Breachforums domains. Researchers link exploitation campaigns targeting Cisco, Palo Alto Networks, and Fortinet. Juniper Networks patches over 200 vulnerabilities. Apple and Google update their bug bounties. Evaluating AI use in applica ... Show More
28m 50s
Yesterday
Cyber defenders pulled into deportation duty.
DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its ... Show More
29m 49s
Oct 8
Chinese hackers serve up espionage.
Chinese hackers infiltrate a major U.S. law firm. The EU Commission President warns Russia is waging a hybrid war against Europe. Researchers say LoJax is the latest malware from Russia’s Fancy Bear. Salesforce refuses ransom demands. London Police arrest two teens over an allege ... Show More
32m 4s
Recommended Episodes
May 2025
6 Year Old Sleeper Attack Uncovered, Fake Bank Draft Scam, and Signal Tool Breach
In this episode of Cybersecurity Today, host Jim Love delves into a range of alarming cyber incidents. A six-year sleeper supply chain attack has compromised thousands of e-commerce websites, exploiting vulnerabilities in Magento extensions from vendors Tigren, Meetanshi, and Mag ... Show More
8m 56s
May 2025
From English Literature to Cybersecurity: A Journey Through Blockchain and Security
LINKS: https://distrust.co/software.html - Software page with OSS software Linux distro: https://codeberg.org/stagex/stagex Milksad vulnerability: https://milksad.info/ In this episode of Cybersecurity Today on the Weekend, host Jim Love engages in a captivating discussion with A ... Show More
54m 36s
Jun 2025
Severed Fingers and Wrench Attacks: A New Era in Crypto Crime
The most well-known cryptocurrency thefts involve online hacks or phishing attempts via text messages. But WSJ's Sam Schechner has been reporting on a new wave of violent crypto thefts: wrench attacks. Brutal physical attacks against the crypto elite are on the rise. Annie Minoff ... Show More
21m 4s
Jul 18
Cybersecurity Today: DNS Malware, SonicWall Backdoor, Military Breach, and BigONE Crypto Hack
In today's episode, host Jim Love covers recent cybersecurity threats, including malware hidden in DNS records, a custom backdoor targeting SonicWall SMA devices, the US military assuming a network compromise after Chinese hackers targeted VPNs and email servers, and a $27 millio ... Show More
9m 31s
Sep 2024
#67: "Introducing Crypto Unplugged's Alpha Insider and DataVision Analytics"
Send us a textIn Episode 67 of the Crypto Unplugged Podcast, Doc and Oz sit down to discuss a major evolution in the TheMarketsUnplugged journey: the decision to transition to a subscription-based website. After years of providing free crypto insights, Doc and Oz explain why they ... Show More
46m 6s
Jan 2025
DeepSeek Security Failure: Cyber Security Today, Friday, January 31, 2025
Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn ... Show More
9m 20s
Aug 27
LIVE From Rare Evo: Crypto Wendy on Protecting Your Wealth in Crypto
Wendy O, cryptocurrency analyst and host of The O Show, discusses how one careless click can jeopardize your financial security. She shares practical advice for starting your journey in crypto, earning BAT, and protecting your wealth from digital risks. Key Takeaways: The critica ... Show More
18m 34s
Feb 2025
DeepSeek AI Controversies, Shadow AI Risks: Cyber Security Today for Wednesday February 5, 2025
In this episode of Cybersecurity Today with Jim Love, explore the growing concerns surrounding DeepSeek AI's censorship and lack of guardrails, the rise of 'Shadow AI' in workplaces, and how cybercriminals exploit major cloud providers like AWS and Azure. Learn about a phishing s ... Show More
10m 4s
Sep 11
Hedera Hashgraph Just Changed the Crypto Game! with Eric Piscini
Eric Piscini, CEO of Hashgraph, joined me to discuss how institutions are leveraging Hedera for tokenization and much more.Topics:- HashGraph and the Hedera ecosystem- HashSphere: A Private, Permissioned Network - Private vs Public blockchains- Tokenization market - DeFi for Toke ... Show More
40m 44s
Listen to millions of songs and podcasts on Anghami