A lot of this week’s trouble starts with something that looks close enough.A familiar repo. A useful installer. A harmless sync setting. Then the handoff goes bad, the box starts talking to someone else, and the damage moves faster than the explanation.Old bugs are back, weak defaults are earning their keep, and some attack paths are so plain they barely feel like research. Here’s the mess.
Game cheats drop spyware
Cybersecurity researchers 11 malicious NuGet packages published as .NET command-line tools that present themselves as game utilities, bots, and "panels," each of which act as a first-stage downloader responsible for fetching and executing a second-stage Python payload named "pepesoft.exe" from GitHub Releases and Hugging Face paths under the username "pepegit666," along with a dormant BitTorrent fallback mechanism built into it. "The recovered payloads use downloader-supplied AWS-style key material to retrieve remote configuration, authenticate to Google Sheets, bind activations to hardware, and honor a remote HWID/UUID ban-list," Socket said. "In the three direct-bytecode payloads, the larger game-automation application also exposes Telegram bot commands that can send screenshots back to the configured chat."






