Python — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/python/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioWed, 08 Apr 2026 21:12:54 +0000First Time Python Process Creates macOS Launch Agent or Daemonhttps://feed.craftedsignal.io/briefs/2026-06-python-launch-agent-persistence/Wed, 08 Apr 2026 21:12:54 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-06-python-launch-agent-persistence/This rule detects the initial creation or modification of a macOS LaunchAgent or LaunchDaemon plist file by a Python process, a common persistence technique employed by attackers using malicious scripts, compromised dependencies, or model file deserialization.This threat brief highlights the malicious use of Python to establish persistence on macOS systems. Attackers can achieve Python code execution through various means, including malicious scripts, compromised dependencies, or even model file deserialization vulnerabilities (such as pickle or PyTorch __reduce__ exploits). Once code execution is achieved, attackers can drop plist files into LaunchAgent or LaunchDaemon directories, ensuring their payload survives reboots and user logouts. This persistence mechanism allows the attacker to maintain access and control over the compromised host. Legitimate Python processes typically do not create persistence mechanisms in this manner, making the first occurrence of such activity a strong indicator of compromise.

Attack Chain

  1. The attacker gains initial access to the macOS system through methods such as exploiting vulnerabilities, social engineering, or phishing.
  2. The attacker achieves code execution within a Python process. This can occur via a malicious script, a compromised Python package, or by exploiting deserialization vulnerabilities like pickle.load or torch.load.
  3. The malicious Python script crafts a LaunchAgent or LaunchDaemon plist file. This plist file contains configuration details about the program to be executed, including its path, arguments, and execution triggers.
  4. The Python process writes the crafted plist file to either the /Library/LaunchAgents/ (for user-level persistence) or /Library/LaunchDaemons/ (for system-level persistence) directory.
  5. The LaunchAgent or LaunchDaemon is automatically loaded by launchd at login or boot, according to the configuration specified in the plist file.
  6. The program specified in the plist file is executed, giving the attacker persistent access to the compromised system.
  7. The attacker can then use this persistent access to perform various malicious activities, such as data exfiltration, lateral movement, or deploying additional malware.

Impact

A successful attack can lead to persistent compromise of macOS systems. Attackers can maintain unauthorized access, execute arbitrary code, steal sensitive data, or use the compromised system as a foothold for further attacks within the network. The impact can range from individual user data theft to widespread organizational breaches, depending on the attacker’s objectives and the system’s role within the network.

Recommendation

  • Deploy the Sigma rule “Detect Python Launch Agent/Daemon Creation” to your SIEM to identify when a Python process creates a LaunchAgent or LaunchDaemon plist file.
  • Enable Elastic Defend endpoint logging to capture event.action:"launch_daemon" events, which are necessary for the Sigma rule to function correctly.
  • Prioritize investigation of alerts generated by the Sigma rule, focusing on understanding the program arguments, run-at-load configuration, and keep-alive settings within the created plist file.
  • Implement strict dependency management and vulnerability scanning for Python environments to prevent the use of compromised packages.
  • Monitor for processes loading model files (torch.load, pickle.load) and investigate any suspicious activity to prevent exploitation of deserialization vulnerabilities.
]]>mediumadvisorypersistencemacospythonMemory Exhaustion Vulnerability in Widely Used Python Libraryhttps://feed.craftedsignal.io/briefs/2026-03-memory-exhaustion-flaw/Thu, 19 Mar 2026 17:46:05 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-memory-exhaustion-flaw/A memory exhaustion vulnerability (CVE-2026-33155) exists in a widely used Python library, affecting services like SageMaker, DataHub, and acryl-datahub due to an incomplete patch for CVE-2025-58367, requiring pinning to version 8.6.2.<p>A critical memory exhaustion vulnerability, identified as CVE-2026-33155, has been discovered in a widely used Python library downloaded approximately 29 million times per month. This vulnerability poses a significant threat to services that rely on the affected library, including Amazon SageMaker, DataHub, and acryl-datahub. The issue stems from an incomplete patch for a previous vulnerability, CVE-2025-58367, related to restricted unpickling. Organizations that applied the initial patch may…</p> highadvisorymemory-exhaustionvulnerabilitydenial-of-servicepythonsupply-chain