Tag: python
-

Beyond the Table: Unleash 100X Faster Graph AI and Visual Analytics with PyGraphistry
PyGraphistry: Leverage the power of graphs & GPUs to visualize, analyze, and scale your data. PyGraphistry is an open source Python library for data scientists and developers to leverage the power of graph visualization, analytics, AI, including with native GPU acceleration: Python dataframe-native graph processing: Quickly ingest & prepare data in many formats, shapes, and scales…
-

Beyond the Spreadsheet of Doom: Master Your Incident Response with KANVAS
KANVAS is an IR (incident response) case management tool with an intuitive desktop interface, built using Python. It provides a unified workspace for investigators working with SOD (Spreadsheet of Doom) or similar spreadsheets, enabling key workflows to be completed without switching between multiple applications. Key Features: Case Management Built on the SOD (Spreadsheet of Doom): All…
-
Sovereignty in Flux: Python’s Grip Loosens as Specialized “Security” Languages Surge in 2026
Python continues to command the zenith of the global programming hierarchy, yet its formidable margin of dominance has begun to undergo a perceptible contraction. The latest iteration of the TIOBE Index reveals a strategic shift with profound implications for the cybersecurity landscape. The language, once regarded as the unassailable sovereign of the digital realm, is…
-

X-Ray for Your BIOS: Carnegie Mellon’s New Open-Source Tool Pulls Back the Curtain on UEFI
Deciphering BIOS and UEFI updates is an endeavor typically conducted in obscurity. These files comprise a labyrinthine confluence of firmware, drivers, containers, images, and executable modules, yet few instruments exist that provide a coherent architectural perspective of their contents. Addressing this deficit, the CERT team from Carnegie Mellon SEI has introduced the CERT UEFI Parser,…
-

Skip the SIEM: BlueTriage Delivers Instant Incident Reports from Raw Logs
BlueTriage has appeared on GitHub—a lightweight tool designed for rapid analysis of Windows logs. It ingests security events in JSON format, normalizes them into a unified schema, runs them through a set of simple rules, and produces both an alert file and an HTML report for initial incident triage. In essence, BlueTriage aims to address…
-

The LangGrinch Stole Your Keys: Critical LangChain Flaw Enables Data Theft
A critical vulnerability has been discovered in the LangChain ecosystem that allows attackers to steal sensitive data and even influence the responses of large language models through prompt injection. The flaw affects LangChain Core (langchain-core), the foundational Python library underpinning LLM-based applications and responsible for shared interfaces and object serialization. The vulnerability has been assigned…
-

Hacking “Analytical Amnesia”: How the ATHF Framework Gives AI a Memory for Threat Hunting
A new open-source project has emerged in the threat-hunting ecosystem, aiming to address one of the discipline’s most persistent pain points: the loss of context once an investigation is over. The Agentic Threat Hunting Framework (ATHF) presents itself as a “memory and automation layer” for threat-hunting programs. Rather than imposing a new methodology, it helps…
-

GPO Stealth: Turn Active Directory Into Your C2 With the New GroupPolicyBackdoor Framework
GroupPolicyBackdoor is a Python utility for Group Policy Object (GPO) manipulation and exploitation. GPO attack vectors can very often lead to impactful privilege escalation scenarios in Active Directory environments. And yet, offensive security professionals may be reluctant to leverage them, partly due to the perceived risks associated with GPO manipulation. GroupPolicyBackdoor aims at providing a modular,…
-
CPython Proposes Adopting Rust for Core Modules: Boosting Python Memory Safety
Two CPython developers have proposed introducing the Rust programming language into Python’s codebase. Emma Smith and her colleague published a preliminary Python enhancement proposal (Pre-PEP) outlining the rationale behind this move. For now, Rust is intended only for optional extension modules, but it may eventually become a required dependency. The primary motivation for adopting Rust…
-

GDIOCSpider: The New Open-Source Python Tool for GDrive Incident Response
GDIOCSpider is an open-source, configurable Python Incident Response (IR) and Security Research tool tailored to IOC extraction and identification in GDrives with poor data context. Taken as an end-to-end application, this tool crawls through a provided GDrive, extracts IOCs from all files processed, and outputs found results into a CSV file for research, analysis, and…
-
Startup Boost: Python Approves PEP 810 for Explicit Lazy Imports in Version 3.15
The Python developers have approved PEP 810, introducing an explicit mechanism for lazy imports into the language. With this enhancement, developers will be able to write expressions such as lazy import json, causing the module to load only at the moment the program actually references that name. This contrasts with the conventional import behavior, which…
-

New Python Trojan “SilentSync” Found on PyPI
Experts from Zscaler ThreatLabz have uncovered two malicious packages in the PyPI repository that, upon installation and import, secretly deploy the SilentSync Python trojan—a threat capable of seizing control of developer environments and exfiltrating sensitive data. Both packages relied on typosquatting—the deliberate imitation of popular library names with minor alterations, designed to deceive developers and…
-

New Python Trojan XillenStealer Targets Windows Users
The newly discovered Python trojan XillenStealer, identified by researchers at Cyfirma, poses a grave threat to Windows users. Engineered to harvest system information, stored credentials, and cryptocurrency wallets, it also bundles an array of features that enable even novice attackers to configure campaigns via a user-friendly interface. Its public availability on GitHub dramatically lowers the…
-

The Unexpected Comeback of Perl: A Look at the September TIOBE Index
TIOBE Software has released its September ranking of programming language popularity, with the most notable development being Perl’s dramatic return to the top ten. The language surged from 27th place to 10th, marking a remarkable comeback. Just a year ago, Perl was considered an “outsider,” yet its index now stands at 2.03%. For comparison, it…

