A sophisticated supply chain attack recently targeted Telegram bot developers through a malicious Python package named “pyronut,” which impersonated the legitimate “pyrogram” API framework. Endor labs by embedding a stealthy runtime backdoor, the package allowed threat actors to execute arbitrary code and shell commands directly on victim machines.​ Infection Mechanism and Backdoor The pyronut package […] The post Pyronut Package Found Backdooring Telegram Bots For Remote Code Execution appeared first on Cyber Security News.