Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors
On September 18, 2024, Unit 42 researchers at Palo Alto Networks released an investigation detailing an ongoing cyber campaign by the North Korean-linked threat actor group known as Gleaming Pisces (aka Citrine Sleet).
