A malicious Edge extension linked to a Python backdoor shows how native messaging can turn a browser convenience feature into a bridge toward endpoint-level abuse.
A familiar Python backdoor is being repackaged as loadable extension modules, a move that can make source-based inspection harder and push defenders toward behavior-first detection.
North Korea’s Kimsuky group revamps its multi-stage attack chain, weaponizing Windows shortcuts and cloud channels to deliver Python backdoors undetected.