threat

Malicious Python package “disgrasya” on PyPI automates credit card fraud targeting WooCommerce sites. It mimics legitimate user behavior to bypass fraud detection, exfiltrating card data to attackers. With 34,000 downloads before removal, it highlights evolving cyber threats in e-commerce. Merchants are urged to enhance security against similar attacks.

https://gbhackers.com/malicious-pypi-package-targets-e-commerce-sites/

TLDR: BitM attacks rapidly compromise web application sessions, bypassing MFA through social engineering. Adversaries target session tokens via tools like Evilginx2. Mandiant's Delusion tool enhances BitM efficiency, enabling session stealing with minimal prior knowledge of target authentication methods. Strong defenses, including hardware-based MFA and client certificates, are crucial to thwarting such threats. Organizations should adopt layered security measures to protect sensitive data from BitM exploits.

https://cloud.google.com/blog/topics/threat-intelligence/session-stealing-browser-in-the-middle/