资讯

腾讯网2 小时

PyInstaller工具漏洞预警,可致攻击者执行任意Python代码

PyInstaller项目近日发布补丁,修复了一个影响6.0.0之前版本打包应用程序的本地权限提升漏洞(CVE-2025-59042,CVSS评分7.0)。该漏洞可能导致攻击者在PyInstaller冻结应用的引导过程中执行任意代码。
The Hacker News6 天

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.
Security Boulevard3 天

APT37 Targets Windows with Rust Backdoor and Python Loader

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...
GitHub2 天

Scalene: a Python CPU+GPU+memory profiler with AI-powered optimization proposals

Scalene is a high-performance CPU, GPU and memory profiler for Python that does a number of things that other Python profilers do not and cannot do. It runs orders of magnitude faster than many other ...

A bucket bag will complete your autumn outfits

The wardrobe staple gets a chic refresh in patent leather and plush suede. From Prada to Bottega, see our edit of the best ...