APT / THREAT GROUP
Python
1
aliases
Intelligence Profile
ransomware
Threat Analysis
Python is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning Python
Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign
Securelist (Kaspersky)· Jul 3, 2026
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
The Hacker News· Jul 2, 2026
ChocoPoc malware delivered via trojanized exploits on GitHub
BleepingComputer· Jul 1, 2026
New ChocoPoC malware targets researchers via trojanized PoC exploits
BleepingComputer· Jul 1, 2026
Malicious PyPI packages give hackers control of Telegram bot servers
BleepingComputer· Jun 30, 2026
Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
The Hacker News· Jun 29, 2026
Malicious Edge extension abuses Native Messaging as bridge to malware
BleepingComputer· Jun 24, 2026
'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
Dark Reading· Jun 23, 2026
Quick Facts
TypeAPT / Threat Group
Aliases1
Also Known As
Python
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.