The PyPI Package Was Clean. That Was the Problem.
A near-identical clone of my Binance WebSocket library had no payload — but it spoofed identity, shadowed the import path, linked to a 404 repo, and came from the same account as pybotnet.

Articles tagged with #security
How 19 fake GitHub repositories across 17 accounts led from a Python dropper to a StealC-linked payload chain.

Update (2026-04-22, 13:33): I submitted this case to GitHub Support for campaign-level review. Ticket ID: 4313391. Further update (2026-04-23): I published a deeper technical follow-up covering the

Update (2026-04-22): Further analysis indicates that this fraudulent repository is likely one lure within a broader GitHub malware campaign. Across the currently confirmed set, multiple repositories sh
